React Job: Penetration Tester

Company Description

Want to deliver tech with purpose, with people who care?

Join us and help secure our customers and our cutting-edge software and cloud systems.

Who we are?

We’re a tech company that exists to protect and support every child's digital journey. We’ve grown fast - we’re ASX-listed and currently have over 500 people, working in Perth, Melbourne, Sydney, New Zealand, Europe (UK and Spain) and the US. We’re all proud of our incredible journey so far... and the best is yet to come. That’s where you come in!

Job Description

What’s the opportunity?

Penetration Testing plays an essential role in securing and protecting the applications and products that are used by our customers. This newly minted position has a leading role in continuously securing our products and will work closely with Application Security Engineering, Cloud Security Engineering, Site Reliability Engineering and other Technology teams across our broader Technology Divisions.

We know that consulting penetration testers often wish they could influence lasting change beyond their written reports. At Family Zone, your report won’t be shelved until next year's engagement where you discover the same problem. Your opinion & input will be highly valued; you’ll influence the quality of the products that our customers use to protect students and families and you’ll be able to do this fun and challenging work amongst a supportive and capable team of security engineers.

The Technology Team at Family Zone highly values diversity and inclusion in our hiring process. As we strive toward a more diverse workforce, we encourage all interested candidates to apply. Even if you're worried you might not be a perfect fit at first glance, we'd love to talk to you

Here's how you'll do it:

• You will be responsible for penetration testing our global applications and new features in a predominantly cloud based environment.
• You will be a key influencer in consulting & supporting technology wide security-by-design initiatives.
• Will be working closely with application security on initiatives such as code security enhancements and the ongoing adoption of our application security standard which is based on the OWASP ASVS.
• Will be working closely with cloud security engineers to continuously improve the effectiveness of our external attack surface management and continuously test the security of our CI/CD pipelines.
• You’ll have a real impact on the products that we build all around the globe.

Qualifications

What will you bring?

• Experience as a senior developer/software engineer OR experience in Penetration Testing
• At least one of the following certifications would be ideal - OSWA, OSWE, GWEB, eWPT or equivalent - although demonstrable experience is just as important.
• Familiarity with one or more of the following development tools: Java, Python, Swift, NodeJS, ReactJS, Angular, Databases (MySQL, Postgres), Go, .NET, C#.

You'll have:

• Excellent communication skills including the ability to communicate complex technical concepts in simple language and effectively communicate impact & risk
• Excellent self organisational & prioritization skills
• Unyielding curiosity and a passion for learning new things every day
• A demonstrated and consistent history of self driven education & training in offensive security - especially application security. If possible, we’d like to see this in the form of any one or more of the following:
  • A blog where you’ve been dissecting security topics
  • A researcher / bug bounty hunter profile
  • A security project you’ve open sourced in github
  • A CTF you’ve completed or built
  • A conference you’ve spoken at

Additional Information

Why choose Family Zone?

In this role, you can expect:

• Employee Share Scheme
• Zone Out Days
• Tech Allowance
  .... and much more

More importantly, you’ll:

• Deliver tech with purpose...

As a Software Engineer here, your work truly matters. Your skills, knowledge and ideas will all help children stay safe online. It feels good to do good.

• With people who care...

Our Developers are amazing! They’re also amazingly supportive. We all take ownership of our work, end to end. And at the same time, we really care about growing and winning together.

• Through work that you love...

You’ll get to work on large scale technical and data challenges for a global customer base. And you'll be exposed to modern technologies and processes, in a fast-paced and supportive environment.

• And a career that you own...

This role offers so many opportunities to expand your skills and grow your career. You’ll get to attend local software conferences, paid for by us. And as you step up and take ownership to make things happen, you’ll carve out an incredible career.

What’s our technology stack?

The tech stack you’ll be using will depend on the team you’re working with. But the range of technologies we use means there are always opportunities for further growth and development.

Our platform is predominantly cloud-based (AWS & GCP), and we have a rich tapestry of architectural components and processes including:

• RESTful backend services (Java, Go, Python)
• Client-side static apps (React, BackboneJS)
• Fit-for-purpose filtering clients deployed across laptops, mobiles, and tablets (Go, Java, Kotlin, C/C++, Swift)
• Deployment and orchestration via Ansible, Docker, Kubernetes
• Distributed version control via Git and build management via TeamCity / Bamboo.
• VPN servers, firmware & low-level packet inspection

We’d love you to apply, even if you don’t have experience with our entire tech stack. We’re pro-learning, good engineering and coding paradigms, rather than specific tools.

Shortlisting will commence immediately.