Offensive Security Engineer at Rabobank

Sydney, New South Wales, Australia -

Full Time

Start Date

Immediate

Expiry Date

20 Jul, 26

Salary

0.0

Posted On

21 Apr, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Penetration testing, Offensive security, Vulnerability assessment, Azure, DevOps, CI/CD, Shift-left security, Web application security, API security, Network infrastructure, Active directory, SAST, DAST, OWASP, MITRE ATT&CK, Security architecture

Industry

Banking

Description

Job Title Offensive Security Engineer Job Description About Us Rabobank is the world’s leading specialist in food & agribusiness banking. One of our key strengths lies in our people who have a deep understanding of agriculture & are committed to adding long-term value for clients. Our commitment to our employees & clients is at the heart of everything we do. About the role: Rabobank’s Technology Engineering Security Team is on the front line of cyber defence - designing & implementing controls that protect our systems & data. This collaborative team covers Security Architecture, Vulnerability Management, Security Testing, & Red Teaming. The team is now looking for an Offensive Security Engineer in Sydney on a 12-month fixed term contract As Offensive Security Engineer, you will be responsible for delivering high‑impact offensive security testing across applications, infrastructure, cloud environments, & emerging technologies within Rabobank Australia & New Zealand (RANZ). Top Role Responsibilities & Accountabilities: Partner with business leaders & technology stakeholders to identify systems & services that meet defined criteria for offensive security testing, establishing & managing a prioritised testing pipeline Execute offensive security testing pipeline across applications, infrastructure, & cloud platforms (on‑prem & Azure) Deliver hands‑on penetration testing & vulnerability assessments, validating exploitability & real business impact Support squads by triaging findings from code scanning, helping teams understand what matters & why Partner with DevSecOps engineering teams to support shift‑left security by informing, tuning, & validating automated security testing & CI/CD controls based on real‑world offensive findings Champion effective remediation by collaborating with engineering, security architecture, secure design, & vulnerability management teams to prioritise findings, provide actionable guidance, validate fixes, & influence secure‑by‑design practices Oversee & coordinate testing activity across the Rabobank ANZ region, including external penetration testing schedules Produce clear, high‑impact security reports tailored to both technical & non‑technical stakeholders Contribute to secure‑by‑design outcomes by feeding findings back into architecture, design, & vulnerability management processes Influence the ongoing maturity of the offensive security capability through knowledge sharing, research, & continuous improvement To Be Successful, you will have: Strong hands‑on penetration testing & offensive security assessment experience in complex enterprise environments Practical understanding of DevOps / CI/CD pipelines, ideally Azure DevOps, with experience embedding security testing (“shift left”) Proven ability to assess & exploit vulnerabilities across: Web applications & APIs Network & server infrastructure (Windows/Linux, AD) Cloud platforms (Azure preferred, AWS acceptable) Familiarity with recognised frameworks such as OWASP, PTES, OSSTMM, NIST, & MITRE ATT&CK Working knowledge of SAST & DAST tools & how they complement manual testing Strong written, interpersonal & verbal communication skills Proven experience collaborating closely with SOC, engineering, architecture, & vulnerability management teams What we're proud to offer you: Wellbeing leave. These 2 extra leave days support greater work/life balance & is just another way we are helping our employees to lead happier, healthier, & more fulfilling lives Education Assistance Program. Rabobank values the development of its people & has a great Education Assistance Program to assist with professional development Parental Leave that supports you & your family while giving you the freedom & flexibility to enjoy this special time (up-to 14 weeks paid leave) Bonus and Additional Leave. We realise sometimes 4 weeks Annual Leave isn't enough! At Rabobank we provide an incentive for eligible employees to receive 1 extra week Annual Leave & an option to purchase another 2 weeks Annual Leave Extra Insurance. Rabobank recognises that employees need to protect their financial wellbeing, in the event of serious illness, injury, or even death. Rabobank provides eligible permanent employees with employer-funded Death, TPD & Income Protection Insurance Rabo Workplace Giving program. As part of Rabobank's global Corporate Social Responsibility, Workplace Giving aims to encourage employees to contribute to our community. Rabo Workplace Giving program matches employee donations to selected Social Partners Our Values Rabobank Australia values inclusion, belonging, & positive experiences for all. Our work environment, our benefits, & the way we live our values, “Client Driven”, “Responsible”, “Professional” & “Cooperative” make it a great place to work. We welcome applicants from diverse backgrounds. Please let our Talent Acquisition team know if you need any accommodations to make our opportunities more accessible to you. Rabobank is a cooperative bank with a mission. Together with our stakeholders, we have been dedicated to creating a future-proof society and tackling major societal challenges for 125 years. In the Netherlands, we serve retail and corporate customers; globally we focus on the Food & Agriculture sector. Our starting point is: together we can achieve more than we could alone. For big or small challenges, in every area people join forces in search of solutions. Rabobank has been doing this for 125 years. And we will continue to grow a better world together.

Responsibilities

The Offensive Security Engineer will execute high-impact security testing across applications, infrastructure, and cloud environments. They will also partner with engineering and security teams to drive remediation and influence secure-by-design practices.