Job Title

Penetration Tester - Cyber SecurityWe are looking for a Penetration Tester to perform ongoing cyber penetration tests on systems identified by Information Systems & Technology (IS&T) and the wider global business.Reporting to the Manager Cyber Threat Intelligence and Offensive Security and working in a collaborative, supportive environment within our global Cyber Security team, you will:Become a core member of Rio Tintos global penetration testing practice.Hack the following on a day-to-day basis:Enterprise Active Directory domainsGlobal IT networksBespoke web applications and client-side softwareMining equipment and production ICS networksAct as an internal subject matter expert on penetration testing and potential remediation recommendations.Be responsible for the management and development of the toolset used to deliver penetration testing services and the delivery of penetration testing services designed to safeguard the companys assets, intellectual property and computer systems.Work with Cyber teams to evaluate new IT technology and determine their appropriateness for product groups focusing on weaknesses and remediation.Identify continuous improvement (efficiency and effectiveness) opportunities with respect to penetration testing services, based on feedback from team and observations of process and deliverables.Be an active team member in the day-to-day delivery of cyber security services.Develop and maintain business-relevant metrics and dashboards to measure the efficiency and effectiveness of penetration testing services to increase the maturity of our Enterprise and I&OT environments.What youll bringSeveral years of experience in penetration testing and information security.Demonstrable experience hacking at least one of the following technologies Web Apps, Mobile Apps, Network Infrastructure, Thick Clients, Active Directory, PCN/SCADA.Experience with one or more general purpose programming or scripting languages such as PowerShell, Python, Perl, Ruby, C#, Java.Coordinating complex operational activities with IT services departments.Certifications like OSCP, GPEN, GXPN, SEC560, SEC565 and CREST (or equivalent) desirable.Excellent collaboration and influencing abilities regarding Cyber Security solutions.Demonstrated ability in report writing.Excellent communication skills.Strong ability to solve complex problems autonomously.What we offerA work environment where safety is always the number one priority.A permanent position working directly for Rio Tinto.A competitive base salary reflective of your skills and experience with annual incentive program.Comprehensive medical benefits including subsidised private health insurance for employees and immediate family.Attractive share ownership plan.Company provided insurance cover.Extensive salary sacrifice & salary packaging options.Career development & education assistance to further your technical or leadership ambitions.Ongoing access to family-friendly health and medical wellbeing support.Leave for all of lifes reasons (vacation/annual, paid parental, sick leave).Exclusive employee discounts (banking, accommodation, cars, retail and more).About Rio TintoRio Tinto is a leading global mining and materials company. We operate in 35 countries where we produce iron ore, copper, aluminium, critical minerals, and other materials needed for the global energy transition and for people, communities, and nations to thrive.We have been mining for 150 years and operate with knowledge built up across generations and continents. Our purpose is finding better ways to provide the materials the world needs striving for innovation and continuous improvement to produce materials with low emissions and to the right environmental, social and governance standards.Every Voice MattersAt Rio Tinto, we particularly welcome and encourage applications from Aboriginal and Torres Strait Islander people, women, the LGBTI+ community, mature workers, people with disabilities and people from different cultural backgrounds.We are committed to an inclusive environment where people feel comfortable to be themselves. We want our people to feel that all voices are heard, all cultures respected and that a variety of perspectives are not only welcome they are essential to our success. #J-18808-Ljbffr