Senior Penetration Tester at Packetlabs Ltd. – Melbourne, Victoria

Packetlabs was built by an ethical hacker after seeing vulnerability assessments presented as penetration tests. Our slogan "Ready for more than a VA scan?" drives at the importance of not providing our clients with a false sense of security.

We are a passionate team of highly trained, proactive, pentesters. We provide expert-level penetration testing services that are thorough and tailored to help foster a safe digital space where everyone has the right to privacy and security. Packetlabs consultants find weaknesses others overlook and continuously learn new ways to evade controls. We hold ourselves to a very high standard.

To do so, we only hire individuals with the same drive and passion.

Note: While the position is based in Australia, initial onboarding and collaboration may involve some after-hours work to align with our Eastern Time Zone (Canada/US) team. Flexible scheduling options will be supported as the role transitions to standard local hours.

Packetlabs is launching its first international security team in Australia. This role exists to ensure that our Australian practice operates at the same standard as our global organization, while helping define how we scale penetration testing across regions.

We are a passionate team of highly trained, proactive, ethical hackers. We provide expert-level penetration testing services that are thorough and tailored to help foster a safe digital space where everyone has the right to privacy and security. Packetlabs consultants find weaknesses others overlook and continuously learn new ways to evade controls. We hold ourselves to a very high standard.

If you want to do excellent technical work and influence how a distributed security team collaborates, documents, and scales, this role is for you.

What You’ll Be Building

You’ll be one of the first security hires in Australia and a key contributor to Packetlabs’ global penetration testing practice. From day one, you’ll work closely with teammates in Canada and Australia to ensure a single, unified methodology, culture, and quality bar. This role includes:

Owning the technical and cultural integration of the Australian security team into Packetlabs’ global practiceMentoring intermediate and junior pentesters locallySetting and enforcing documentation, workflow, and tooling standards used across regionsActing as a cultural and technical bridge between regions

Our Canadian Security leadership is actively invested in the success of our Australian team. You will not be expected to operate in isolation or “figure things out alone.” Support includes:

Direct access to leadership for technical, process, and escalation decisionsShared ownership of methodologies, tooling, and quality standards across regionsA structured onboarding and buddy system with experienced team members in CanadaClear escalation paths for high-impact findings and client-sensitive situationsRegular cross-region planning, review, and knowledge-sharing sessions

While this role has significant autonomy, success is built on collaboration, transparency, and shared accountability across regions.

What You’ll Be Doing

Collaboration & IntegrationWork closely with teammates across Australia and North AmericaParticipate in cross-region projects (you will not be siloed to “APAC-only” work)Communicate findings clearly in both written and verbal formatsContribute to shared documentation and knowledge basesSupport structured handoffs across time zones when neededCore Technical WorkYour primary role is to perform penetration testing of web applications, mobile applications, thick clients, APIs, and infrastructure when ready.Chain application flaws to other areas, such as cloud and on-prem AD infrastructure. Opportunities for lateral movement into the infrastructure teams are limited and given at the manager's discretion.Develop detailed reports on findings and remediations for impactful findings. You will learn to debrief these findings at both a technical and executive level.Experience in using scanners and knowledge of validation and elimination of false positives.A strong understanding of OWASP in Web, API, Mobile, and AI/LLM is necessary, but you will be asked to go beyond.Team DevelopmentMentor intermediate and junior pentestersLead or co-lead internal knowledge-sharing sessionsHelp set the standard for technical quality, communication, and professionalismSurface integration or process issues early and proactively

What Success Looks Like in the First 6 Months

Australian engagements consistently meet or exceed Packetlabs’ global quality barJunior and intermediate pentesters operate with increasing autonomy under your guidanceCross-region handoffs occur without friction or reworkDocumentation and methodology improvements reduce review cycles and escalationsLeadership has confidence in delegating responsibility for regional delivery to you

Who We Are Looking For

Applicants must have the legal right to work in Australia.Core values:You have a customer-first mentality. Is a great communicator with clients, project managers, and teammates. Rapid responses and on time.You deliver work that you take pride in. Your work is an autograph of your excellence.You dig deeper into every finding. Doesn't stop until impact is proven.You are comfortable being uncomfortable. Goes towards obstacles, not away from them. Consulting isn't your typical job and requires adapting to rapidly changing environments.You are always learning. Cybersecurity is changing every day, and you need to keep up or want to keep up. Be deeply aware of your skill set and be willing to improve.Demonstrates the ability to collaborate effectively in peer review and client-facing engagementsEducation and experience:We are looking for an experienced application security tester to join our team:Solid working knowledge of programming languages, including C, C#, Python, Objective-C, Java, JavaScript, SQL, and frameworks like AngularJS.Familiarity with web services and data exchange formats such as XML, JSON, SOAP, REST, and AJAX.Understanding of AI/LLM weaknesses and flaws in applications.Extensive experience/expertise in using an attack proxy (e.g. Burp Suite)Preferred if you have 3 - 5 years of experience working in penetration testing and consultingA graduate of a post-secondary college or university degree program.Has at least two years of experience dealing with information security-related tasks.Has professional qualifications (one or more preferred): OSCP, OSWE, BSCP.

How We Work

Remote-first, with intentional overlap between regionsStrong emphasis on documentation and knowledge sharingStructured onboarding and buddy systemRegular local meetups in AustraliaHigh autonomy paired with high accountability

Why Packetlabs

Be a founding member of our Australian Security practiceInfluence how a global security team is built and scaledWork with talented, pragmatic security professionalsClear growth paths into technical leadership or broader advisory rolesSupport for ongoing learning and certificationsCompetitive compensation aligned to the Australian market

Packetlabs is an equal opportunity employer and evaluates applicants based on skills, experience, and role requirements.