Permanent opportunity

The Senior Penetration Tester plays a critical role in identifying, assessing, and mitigating security vulnerabilities within Bupa applications, networks, and IT systems. They conduct simulated attacks to evaluate the effectiveness of security measures and ensure that systems are resilient against real-world threats, and validate the exploitability of identified vulnerabilities. 

Responsibilities 

• Perform thorough penetration testing on Bupa’s applications, networks, and IT systems to identify security weaknesses and vulnerabilities. 
• Use manual and automated tools to identify and exploit vulnerabilities in both internal and external systems. 
• Conduct assessments on web applications, mobile applications, network infrastructures, cloud environments, and endpoints. 
• Simulate real-world cyberattacks to evaluate the security posture of Bupa’s systems and applications. 
• Safely exploit vulnerabilities to demonstrate the potential impact and exploitability of identified security weaknesses. 
• Provide a risk analysis of identified vulnerabilities based on severity, exploitability, and potential business impact. 
• Document and report all findings, including vulnerabilities, exploits, and recommendations for remediation. • Provide clear, actionable reports to stakeholders, ensuring technical details are understood and remediation steps are clear. 
• Work closely with development, security, and IT teams to ensure vulnerabilities are remediated effectively and in a timely manner.
• Ensure all testing activities comply with organizational security policies, legal requirements, and industry standards (e.g., CREST, OWASP, NIST, GDPR). 

Qualifications, Training and Experience 

• 15+ years of experience in Information Technology, minimum 10 years’ experience in Security 
• 10+ years of pen testing experience 
• Certifications: • Certified Ethical Hacker (CEH):  • Offensive Security Certified Professional (OSCP):  • GIAC Penetration Tester (GPEN):  • Certified Cloud Security Professional (CCSP):  (AWS, Azure, GCP). 
• Business and commercial acumen - strong business experience with a strong focus of the customer 
• Excellent oral and written communication skills including quality, concise technical documentation, report writing and presentations 
• Excellent team player working within matrix structures, with demonstrated ability to broker outcomes effectively and collaboratively with colleagues and peers 
• Vendor and partner management experience, including professional services and technology vendors. 

Why you’ll love it?

We support our people to be the healthiest and happiest versions of themselves.

We reward our people and celebrate their success. From providing initiatives that develop careers to looking after our people’s health, wellbeing and futures. Through the Viva Healthier and Happier program, we’re providing health benefits for everyone who works at Bupa, no matter their role. We want to support our people to be the healthiest and happiest versions of themselves. 

If this sounds exciting, we’d love to hear from you. Let’s shape the future of healthcare, together.

At Bupa your wellbeing, identity, and personal story are respected and valued. We are continuing to build teams that reflect the diversity of the communities we serve. Bupa is committed to providing equal opportunities and fostering a workplace and environment that is free of discrimination, bullying and harassment.

We actively encourage applicants from all backgrounds and experiences, including Aboriginal and Torres Strait Islander peoples, veterans, people with disabilities, and LGBTQIA+ applicants.

We are dedicated to removing barriers to participation. If you need any reasonable adjustments during the recruitment process, or if you’d like to discuss how this role can be flexible for you, please let us know so we can support your participation on an equitable basis.

To obtain a copy of the Position Description or to discuss this opportunity, please contact hemani.bhardwaj@bupa.com.au To apply, please do so via the 'apply' button above.