Job Description

Employment Type

Permanent

Closing Date

3 June 2026 11:59pm

Job Title

Security Testing - Senior Specialist

You will act as a technical SME in security testing and secure coding, contributing to the Security Testing strategy through input into capability uplift, resourcing, and roadmaps, while promoting “shift-left” practices and supporting automation and knowledge uplift across the organisation. In addition, you will produce high-quality security reports highlighting key threats and improvement areas, and consistently uphold Telstra’s HSE responsibilities by working safely and adhering to all relevant policies, standards, and procedures.

Our Perks & Benefits:

• Work-life integration - we understand life happens when you're busy making other plans, so we offer flexibility around where, and when you work

• 16 weeks paid parental leave for primary and secondary carers

• Professional development program

• An epic (free) Telstra mobile phone plan

• Laptop/Device allowance renewed every 2 years

• Purchased Annual Leave scheme

• Discounted Telstra products and services

What You’ll Do

• Conduct penetration testing, vulnerability assessments and source code security reviews of systems; and utilise a suite of assessment tools to expose threats, vulnerabilities, and potential attack vectors in applications

• Evaluate the extent to which systems are able to protect the organisation's data and maintain functionality as intended and make recommendations for changes and improvements

• Identify vulnerability exploitations and potential attack vectors into a system and analyse vulnerability scan results to size and assess security loopholes and threats

• Act as a technical subject matter expert in security testing and secure source code development.

• Work collaboratively with the Security Testing – Senior Lead and other team members to drive forward the Security Testing strategy, including providing direction and input into future capability, resourcing, roadmaps, and operations.

• Evaluate the extent to which systems can protect the organisation's data and maintain functionality as intended and make recommendations for changes and improvements

• Assess current security practices and controls against expected performance parameters / guidelines and identify and recommend solutions where required

• Develop security testing reports, highlighting key threats and areas for improving system security

• HSE Responsibility: Take reasonable care for your own safety and the safety of others, comply with and implement any reasonable Telstra HSE instruction, policy, standard, minimum requirement or procedure, and support Telstra to meet its duties under the relevant safety and environmental legislation.

Key Technical Skills & Expertise

• Provide technical leadership across the domain, including performing and taking on complex assessment work across a variety of technical domains, including responding to complex and escalated incidents and assessments.

• Provide input into Telstra’s Penetration Testing, Vulnerability Assessment and Secure Code processes, methodologies, and standards, including corresponding roadmaps and enhancement plans.

• Develop and provide training for both junior team members, as well as the broader Telstra community.

• Promote the concept of “shifting left” to enable the organisation to produce quality and secure code, at speed.

• Provide guidance on application security architectural considerations.

• Develop scripts to automate / expedite the identification of security vulnerabilities in code; and provide technical expertise into the development of automation across security testing tools.

• Refine and define processes (including engagement), create secure code artefacts, define criteria and security use cases.

• Work with third parties such as vendors and newly acquired Telstra companies regarding their application security and software development practices.

• Provide quality assurance reviews on the work products produced within the Secure Code team

• Able to work in environments with conflicting and lacking requirements and expectations whilst still being able to deliver high quality output that meets the requirements of Cyber Security

• Identify and effectively translate identified security vulnerabilities into business risks for communication to business stakeholders in a timely manner - harvesting and harmonising insights and context from the broader Cyber Security team as required.

• Take a pragmatic approach to security testing activities, achieving a practical balance between business objective, standards alignment, cost, time, and corresponding risk considerations.

• Able to work in environments with conflicting and lacking requirements and expectations whilst still being able to deliver high quality output that meets the requirements of Cyber Security.

Highly Desirable

• Scripting and automation skills (e.g., Python or similar languages) to improve efficiency and streamline testing processes.

• Development background to enhance understanding of system behaviour and support more effective testing.

• Familiarity with AI system testing is considered advantageous.

• Automation mindset to optimise workflows and enhance team productivity.

Certifications and Qualifications (Desirable)

• Minimum expectation of recognised security certification (e.g., equivalent to YCP).

• Preferred certifications include OSCP, CREST, or similar industry credentials.

• Advanced certifications (e.g., AWAE, SANS, or OSEP-related qualifications) are highly valued and commonly held within the team.

If this opportunity sounds like a perfect fit for you, we'd encourage you to apply!

Diversity is more than a policy – it’s how we thrive

We know diverse teams deliver better outcomes, and we’re committed to creating an environment where everyone feels safe, respected, and supported — regardless of gender, background, or ability.

We strongly encourage women and gender-diverse people to apply and are happy to discuss flexible working arrangements or adjustments to the recruitment process.

We're amongst the top 2% of companies globally in the CDP Global Climate Change Index 2023, being awarded an 'A' rating. If you want to work for a company that cares about sustainability, we want to hear from you.

As part of your application with Telstra, you may receive communications from us on +61 440 135 548 (for job applications in Australia) and +1 (623) 400-7726 (for job applications in the Philippines and India).

When you join our team, you become part of a welcoming and inclusive community where everyone is respected, valued and celebrated. We actively seek individuals from various backgrounds, ethnicities, genders and disabilities because we know that diversity not only strengthens our team but also enriches our work. We have zero tolerance for harassment of any kind, and we prioritise creating a workplace culture where everyone is safe and can thrive.

As part of the hiring process, all identified candidates will undergo a background check, and the results will play a role in the final decision regarding your application.

We work flexibly at Telstra. Talk to us about what flexibility means to you. When you apply, you can share your pronouns and / or any reasonable adjustments needed to take part equitably during the recruitment process.

We are aware of current limitations with our website accessibility and are working towards improving this. Should you experience any issues accessing information or the application form, and require this in an alternate format, please contact our Talent Acquisition team on DisabilityandAccessibility@team.telstra.com or via the additional contact options found at www.telstra.com.au/careers/diversity-equity-and-inclusion/disability-employment.