This is not just a job advertisement—this is a mission.

We are not here to fill a vacancy. We are here to connect with people who pursue excellence, take initiative, and are committed to ongoing growth.

We are ctrl:cyber—a high-growth, proudly Australian cybersecurity firm—and we’re looking for purpose-driven individuals to join our team.

We want to hear from people who believe their potential has no ceiling. At Ctrl, your ambition and capabilities are met with real opportunities for impact and development. We’ve built a culture that values curiosity, supports innovation, and provides a platform for continuous learning.

You’ll be surrounded by motivated, skilled colleagues who lead with integrity and collaborate with purpose. Expect to do meaningful work. Expect to grow. Expect to be supported as you take on challenges that matter.

The Opportunity

We’re looking for an experienced Penetration Tester to join our existing and growing team. You will be working within an experience testing team, solving our client’s cybersecurity issues, sharing your knowledge, and mentoring others. Outside of your core responsibilities, you’ll also collaborate across other teams to provide support with scoping, meetings, presentations etc.

What You’ll Be Responsible For

  • Design and execute tests to break into security protected networks, computer systems and web-based applications, and mobile applications to look for vulnerabilities. Test design will be based on threat intelligence, OSINT, or client scenarios
  • Conduct physical assessments of client locations, server systems and network device security, looking for ways to exploit vulnerabilities
  • Conduct security and network configuration audits to evaluate how well an organizations’ system conforms to a set of established criteria and best practice frameworks
  • Analyze organizational security policies for effectiveness, make suggestions for improvements.
  • Document your findings, write evidence-based security reports, and discuss solutions with IT stakeholders, senior management teams, and C-Suite leaders

What We’re Looking For

  • Min 2-4 years’ industry work experience within Cybersecurity in a similar Penetration Testing role (DevOps IT SysAdmin, or IT analyst background desired but not required) – we’re not hung up on Degrees!
  • Industry recognized certifications: OSCP, OSEP, CRTO, SANS/GIAC, PNPT, ECPPTv2
  • Previous experience in a customer facing and/or a consulting-type role delivering a wide variety of end-to-end testing
  • A strong background in Mobile Apps and API Penetration testing (Android and iOS)
  • Low level programming language experience (desired but not required)
  • A natural problem solver with the ability to multi-task and apply analytical thinking to solve a range of testing issues and well as produce well-written, evidence-based reports.
  • Excellent communication skills – both written and verbal
  • Strong collaboration skills – you’ll be working with a variety of teams within the organisation to solve client requirements

What You’ll Get

  • Hybrid work environment
  • A competitive base salary
  • Flexibility, autonomy, and support—with a clear investment in your development
  • A collaborative, technically excellent team to be part of