Breach & Attack Simulation Specialist (BAS / AEV) at Towcha People

Melbourne, Victoria, Australia -

Full Time

Start Date

Immediate

Expiry Date

22 Apr, 26

Salary

0.0

Posted On

22 Jan, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Breach & Attack Simulation, Adversarial Exposure Validation, MITRE ATT&CK Framework, Scripting, Python, PowerShell, Bash, SIEM, EDR, Purple Teaming, Incident Response, Cloud Environments, Ransomware Emulation, Control Efficacy Reporting, Audit Support, Threat Behaviours

Industry

Staffing and Recruiting

Description

Our Client: Our Client is a large, highly regulated financial services organisation with a strong focus on cyber resilience and risk reduction. The organisation invests heavily in advanced security capabilities and threat-informed defence practices to protect customers, systems, and data at scale. This role sits within a mature cyber security function supporting continuous validation of security controls. What you’ll do: Operate and optimise Breach & Attack Simulation (BAS) and Adversarial Exposure Validation (AEV) platforms Design, build, and execute atomic attack simulations aligned to the MITRE ATT&CK framework Develop ATT&CK-mapped scenario catalogues covering initial access, lateral movement, and exfiltration, including ransomware emulation Integrate BAS platforms with SIEM, EDR, and SOAR tooling to enable automated validation and reporting Extend adversary simulations across cloud (AWS, Azure, GCP) and SaaS environments Validate identity controls, privilege escalation paths, and access pathways Partner with SOC, Incident Response, and detection engineering teams to support purple teaming Produce executive dashboards, control efficacy reporting, and CTEM validation artefacts Support audit and regulatory evidence requirements 4–6+ years experience in offensive security, red teaming, penetration testing, or BAS / AEV operations Strong understanding of the MITRE ATT&CK framework and adversary TTPs Hands-on scripting or development experience (Python, PowerShell, and/or Bash) Experience working with SIEM and EDR platforms Ability to translate threat behaviours into safe, repeatable, and measurable security tests Purple Team Towcha People is an Indigenous-owned recruitment business and we are committed to fair access to opportunity. We recognise that diverse perspectives fuel innovation, and that women and people of colour are less likely to apply unless they meet every qualification. We encourage you to apply even if you don’t meet every requirement. If you have the capability and the intent, we want to hear from you. You might be the right person for this role or another opportunity we are supporting. To see our other openings please visit: https://apply.workable.com/towcha-people/

Responsibilities

Operate and optimize Breach & Attack Simulation (BAS) and Adversarial Exposure Validation (AEV) platforms. Design and execute attack simulations aligned to the MITRE ATT&CK framework and integrate BAS platforms with various security tools.