Haystack
← Back to Jobs
Full time
Other

Penetration Tester

SwiftCruitSydney, New South Wales🇦🇺AustraliaPosted 18 Jul 2026

Quick Overview

Work Type
Hybrid
Schedule
Full Time
Level
Mid Senior

Job Description

About Toll Group

At Toll, we do more than just logistics - we move the businesses that move the world. Our 16,000 team members can help solve any logistics, transport, or supply chain challenge - big or small. We have been supporting our customers for more than 130 years. Today, we support more than 20,000 customers worldwide with 500 sites in 27 markets, and a forwarding network spanning 150 countries. We are proudly part of Japan Post -



About the Role

Join Toll Group as a Penetration Tester and play a critical role in strengthening our cyber resilience. Reporting to the Cybersecurity Threat Prevention Manager, you will identify and assess vulnerabilities across applications, infrastructure, APIs and cloud environments, helping to protect our global business from evolving cyber threats. This is an opportunity to work within a collaborative Cyber team, applying offensive security expertise to improve security outcomes across a complex enterprise environment.



This position can be based in either Brisbane, Sydney or Melbourne.



A day in the life of a Penetration Tester at Toll

  • Conduct penetration testing across web applications, APIs, infrastructure and cloud platforms.

  • Identify, validate and safely exploit vulnerabilities to assess business risk and security impact.

  • Produce clear technical reports with actionable remediation recommendations.

  • Collaborate with Technology, Cyber Critical Controls, Detection & Response and project teams to strengthen security posture.

  • Participate in threat modelling, security reviews and attack surface assessments.

  • Research emerging threats and enhance offensive security tools, processes and testing methodologies.



Qualifications

  • Bachelor's or Master's degree in Computer Science, Business or a related discipline.

  • Industry certifications such as OSCP, OSWE, CRTO, CRT, Security+ or equivalent highly regarded.

  • Public security research, conference presentations or technical write-ups viewed favourably.

  • Ability to obtain and maintain an Australian Government Security Clearance (minimum NV2).



Skills & Experience

  • 3-5 years' experience in penetration testing, offensive security or a related cyber security role.

  • Demonstrated experience testing web applications, APIs, internal and external networks.

  • Strong knowledge of OWASP Testing Guide, OWASP Top 10 and MITRE ATT&CK frameworks.

  • Experience with tools such as Burp Suite, Nmap, Nessus, Metasploit, BloodHound and PowerShell.

  • Working knowledge of Microsoft technologies, Active Directory, Entra ID and cloud platforms including Azure, AWS and/or GCP.

  • Excellent analytical, investigative and stakeholder engagement skills, with the ability to communicate technical concepts clearly.



At Toll everyone is welcome including those of all ages, ethnicities, genders and abilities.



You must be entitled to work in Australia and be prepared to undertake pre-employment checks including a criminal history check and medical.

Skills

GCP
AWS
OWASP
Active Directory
Azure
Penetration Testing
PowerShell

Similar jobs