Haystack
← Back to Jobs
Full time
Other

Senior Vulnerability Assessor

KinexusCanberra, Australian Capital Territory🇦🇺AustraliaPosted 16 Jul 2026

Quick Overview

Work Type
Hybrid
Schedule
Full Time
Level
Mid Senior

Job Description

RFQ-ASD - LH-07163 Senior Vulnerability Assessor

Due to the nature of clients we work with here at Kinexus and the projects these roles will be based on, an Australian Government TSPV clearance is essential.

These opportunities do not have the ability to obtain sponsorship for a security clearance (including applicants who currently hold a security clearance seeking to upgrade).

ABOUT THIS ROLE

This role is for a Senior Vulnerability Assessor.

Candidates must hold current TSPV security clearance.

Vulnerability Assessors identify, assess and prioritise threat vulnerabilities identified through penetration testing and report findings to improve security architecture and enhance risk awareness.

Candidates must be willing to undergo ASD's Organisational Suitability Assessment (OSA). The OSA requires a psychological assessment, which involves a questionnaire and an interview.

Before submitting an application for this role, the candidate should consider their preparedness for questions that may include topics such as personal relationships, living circumstances, personal values, financial situation, physical and mental health history including substance use, and any civil and/or military record.

Initial contract duration: 12 months

Extension term: 12 months

Number of extensions: 2

Location of work: Canberra

Working arrangements: On Site. Working arrangements will be at the discretion of the assigned work area, subject to operational need. Due to the nature of ASD's operations, not all work areas can accommodate work from home.

ABOUT THE COMPANY

Australian Signals Directorate (ASD) is the federal agency responsible for foreign signals intelligence, cyber warfare and information security. ASD's purpose is to defend Australia from global threats and help advance our national interests.

JOB DUTIES AND RESPONSIBILITIES
  • Assess and explain threat profiles of a variety of electronic devices, as relevant across the Australian Signals Directorate.
  • Lead analytical processes to identify and recommend actions to maintain and improve the integrity of the Australian Signals Directorate ICT infrastructure.
  • Evaluate and assist with the application and compliance of security controls and review information systems for actual or potential security vulnerabilities.
  • Perform security risk and business impact analysis for complex information systems.
  • Investigates suspected attacks and supports security incident management.
  • Maintains and optimises operational security processes.
  • Provide advice on implementing and managing physical, procedural and technical security encompassing both physical and digital assets.
  • Adopt and adapt appropriate systems design methods, tools and techniques selecting appropriately from predictive (plan-driven) approaches or adaptive (iterative/agile) approaches, and ensure they are applied effectively.
  • Review and make recommendations and assess and manage associated risks of others' systems designs to ensure selection of appropriate technology, efficient use of resources, and integration of multiple systems and technology.
  • Contribute to development of systems design policies and standards and selection of architecture components
SKILLS & EXPERIENCE NEEDED
  • Compliance Monitoring and Controls Testing: Level 4 (CIISEC)
    • Is an experienced member of a team conducting compliance monitoring and/ or controls testing.
  • Internal and Statutory Audit: Level 4 (CIISEC)
    • Conducts security audits under supervision as part of a team.
  • Intrusion Detection and Analysis: Level 2 (CIISEC)
    • Can explain the basic principles involved in monitoring network and system activity for anomalous behaviour and how the results can be used. This might include experience of applying these principles in a training or academic environment, for example through participation in syndicate exercises, undertaking practical exercises, and/or passing a test or examination.
  • Threat Intelligence, Assessment and Threat Modelling: Level 4 (CIISEC)
    • Undertakes routine threat intelligence/modelling tasks or threat assessments without close supervision. Undertakes complex threat intelligence tasks or threat assessments under supervision. Appropriate and relevant certifications include CREST Registered Threat Intelligence Analyst.
BENEFITS
  • Why work for ASD?
  • Work on interesting and prestigious projects vital to the ongoing defence of Australia.
  • Flexible work environment; work the hours that suit you between 7am and 7pm.
  • Low attrition rate: the great variety of projects and opportunities across different business areas ensure few workers leave ASD.
  • Long contracts available.
  • Fantastic growth opportunities available at any stage of your career.

Skills

Agile
Compliance
Mental Health
Penetration Testing

Similar jobs