FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.
Penetration Tester
One New ZealandPenetration Tester driving identification and remediation of security weaknesses at One NZ. Conducting technical security assessments across applications, infrastructure, and cloud platforms.
Tech Stack
Tools & technologiesAWSAzureCloudKubernetesLinux
About the role
Key responsibilities & impact- Plan and deliver authorised penetration tests across applications, APIs, infrastructure, cloud, identity, and end-user environments in line with agreed scope and controls
- Conduct threat-led and scenario-based testing to simulate real-world attacker behaviour across critical systems
- Perform security assessments of web, mobile, API, and thick-client applications aligned to relevant standards
- Assess container and Kubernetes environments, including cluster security, RBAC, and workload isolation risks
- Evaluate Gen AI and agentic solutions for attack paths such as prompt injection, data leakage, and misconfiguration
- Review identity and access controls, including authentication flows, privileged access, and lateral movement risks
- Produce high-quality reports outlining risks, evidence, exploitability, and prioritised remediation actions
- Partner with engineering teams to support remediation, deliver debriefs, and validate fixes through retesting
- Contribute to continuous improvement of offensive security capabilities, including tooling, automation, and playbooks
- Support purple teaming and incident readiness activities in collaboration with Cyber Defence teams
Requirements
What you’ll need- Proven hands-on experience delivering penetration testing across applications and infrastructure in an enterprise environment
- Understanding of Windows/Linux security, networking fundamentals, and common attack techniques
- Experience testing web, API, and mobile applications with knowledge of OWASP Top 10 and secure design principles
- Cloud security testing experience across AWS/Azure, including IAM, network controls and misconfiguration risks
- Knowledge of container and Kubernetes security, including workload identity, RBAC, and network policies and ability to assess cluster and workload risks
- Scripting/automation skills to support repeatable testing & analysis
- Ability to translate complex technical findings into clear business risk and prioritised remediation guidance/deliverables
- Understanding of vulnerability management and risk assessment processes
- Relevant certifications such as OSCP, CREST, GIAC, and cloud security certifications
Benefits
Comp & perks- A fully subsidised Southern Cross health insurance cover for you and your family.
- Lifestyle leave, giving you the option to purchase an extra week or two of annual leave.
- Discounts on One New Zealand products, services and much more!
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
penetration testingsecurity assessmentscloud security testingcontainer securityKubernetes securityscriptingautomationvulnerability managementrisk assessmentOWASP Top 10
Soft Skills
communicationcollaborationreport writingproblem-solvinganalytical thinking
Certifications
OSCPCRESTGIACcloud security certifications