1. Be part of forming our new internal Red Team
2. Flexible working conditions and locations of Brisbane, Sydney or Melbourne
3. Highly collaborative national team
We’re never just satisfied with how things are – because we know how things could be. And it’s our expert Technology team who forge ahead every day to make those ‘what ifs’ a reality.
Welcome to a place where you can chase real progress and drive real change. And that includes your own career. Being a part of Technology at Suncorp Group means being switched on, endlessly curious and always adaptable. In return, you’ll be supported to bring your own ideas to the table and challenge conventions – with the aim of making life a little brighter, simpler and better for our customers and each other.
Known internally as the Principal Security Engineer, the Offensive Security Engineer is responsible for designing, planning, executing, and reporting on Red and Purple Team operations targeting Suncorp's production systems. These operations leverage real-world, threat intelligence-led adversarial tactics, techniques, and procedures to enhance Suncorp’s overall security posture.
This role is part of the System Security Engineering department within Cyber Security and demands a high level of technical expertise, creativity, extensive experience, discretion, personal accountability, and integrity.
What you’ll do
4. Design and execute Red and Purple Team operations, penetration tests, and ethical hacking exercises targeting Suncorp's production systems
5. Analyse complex technology architectures to identify vulnerabilities and opportunities for exploitation using real-world adversarial tactics, techniques and procedures
6. Work closely with cross-functional teams to enhance security strategies, share insights, and achieve objectives that benefit Suncorp's overall security posture
7. Effectively convey complex technical and operational information to various stakeholders, ensuring clear understanding without requiring long-term management of findings
8. Creatively design and implement sophisticated attack scenarios against target systems, while strictly adhering to agreed rules of engagement
9. Continuously stay informed about emerging threats, attack methodologies, and the latest developments in offensive security to enhance the organization's defence mechanisms
10. Leverage a broad range of technology skills, including system administration, infrastructure, architecture, database management, programming, cloud, and networking, to support offensive security initiatives
What you’ll bring
11. OSCP (Offensive Security Certified Professional) or OSCE (Offensive Security Certified Expert) certification is mandatory
12. Advanced knowledge and practical application of the MITRE ATT&CK and CORIE frameworks
13. Experience in offensive security roles within large enterprises, defence, or federal government agencies
14. Demonstrated ability to explore and exploit diverse technical architectures and develop exploits for common software and architecture constructs
15. Capability to design and develop automated exploitation tools or effectively operate third-party equivalents
16. Proficiency in coding and scripting languages such as Python, Perl, Bash, Java, C#, and C/C++
17. Strong stakeholder engagement skills combined with the ability to contribute to strategic perspectives and translate them into tactical actions
What we can offer
18. A range of flexible working and leave options, including 20 weeks paid parental leave, 4 weeks paid secondary carer parental leave and unlimited paid emergency response leave
19. Discounts and offers on a range of retail favourite stores as well as banking and insurance products
20. Give back to our communities with payroll giving, donation matching and paid volunteer leave
21. Invest in your brighter future with ongoing study support and career development programs; and
22. Prioritise your work/life balance with our robust employee assistance program and dedicated employee council
Employee benefits | Suncorp Group
At Suncorp we believe we are our best when our workforce is as diverse, talented and passionate as the communities in which we live and operate, and where our people feel included, valued and connected. We are passionate about inspiring our people by creating a diverse, accessible, and inclusive culture, offering flexible work, career development and internal mobility, and building connected relationships amongst our team members and with our customers.