Hiring – Penetration Testers


April 03, 2014

Penetration Tester Roles

LOCATION:  Sydney, Melbourne

VISA: Must currently have permission to work full time in Australia
NB: All successful applicants will need to successfully pass criminal history and background checks

SALARY: Dependent upon successful applicant (plus over 6 weeks leave per year).

JOB DESCRIPTION:
Securus Global is currently looking for an experienced web application penetration tester to join our team in Sydney or Melbourne. This is a challenging and varied role with predominantly project-based, hands-on engagements that include, but are not limited to:

  • Web application penetration testing
  • Network vulnerability assessment
  • Application source code review
  • Application reverse engineering

KEY REQUIREMENTS:
The following are the key mandatory skill and experience requirements for the role.
(Please only apply if you meet these criteria):

  • A passion for Information Security
  • Knowledge of common web application programming languages
  • Familiarity with common web application testing tools
  • Excellent oral and written communication skills
  • Self-motivated and an ability to meet deadlines
  • Able to work unsupervised and in a team environment
  • High personal standards and expectations of quality and results
  • High ethical standards and understanding of the importance to maintain client confidentiality and integrity

Securus Global is a small, dynamic organisation that requires each and every person to step up to the plate. We have a strong reputation for excellence in delivery and expect quality in all we do. You will not be able to get lost in the crowd here and you will have opportunities for growth that are only limited by yourself.

Send your application in text file format to: jobs@securusglobal.com

No recruiters please. We have a PSL that we’re currently working with and are not looking to add to it at this time. If we receive unsolicited CVs other than directly from a candidate, we reserve the right to contact the candidate directly and initiate discussions without payment of any agency fee.

Unfortunately, we often find that people will apply for positions for us without reading the job description fully. To help avoid us having to sift through irrelevant CVs, please ensure that you include the word ashes in your application so that we know you’ve read this entire page. No ashes, no reply.

Ensuring security in a changing tech environment


April 01, 2014

Technology is in a constant state of flux as new devices are released and manufacturers make inroads towards establishing new device categories.

For consumers, this means a constant range of new, exciting devices to choose from, whether they're mobile phones or desktop computers. For businesses, this means tough purchasing considerations, as a variety of factors need to be considered. One area that may be overlooked with new machine purchases throughout this year is security.

Continue reading

April 2014 Newsletter

We hope you enjoy reading the case studies in this months newsletter.
We’ve included a variety of articles to appeal to the range of our stakeholders, from the technically minded to the executive levels and everything in between. Eg:

* Board communications security and the move to mobile technologies
* How I got root with Sudo
* Security Pitfalls of a Shared Portal
* Tripwire – Security Configuration Management
* Securus Global – Community

Read more: http://createsend.com/t/j-F7BCBF3C4D9881A9

Australian banks targeted by Malware


March 29, 2014

Australian bank customers could be at risk as a new virus designed to steal banking information has begun spreading.

Australian customers have recently fallen victim to a slew of Malware attacks. Called Hesperbot, the trojan was first observed overseas in Turkey, which remains its most targeted area. The virus has subsequently been seen in Portugal and the U.K, as well as the Czech Republic.

Continue reading

Board communications security and the move to mobile technologies.


March 27, 2014

This case study follows a review we undertook for an ASX Top 20 company. It addresses security of information at the Executive and Board levels – communications, distribution, sharing etc with the move to mobile technologies in the Boardroom.

The results of our work went straight to the top and culminated in the company re-assessing how they were protecting this strategic and highly confidential information. The implications of not doing so, could have had dire results in the event of a compromise. Once we delivered our results, the company understood and responded immediately. (However, most companies are still not doing this as they are unaware of the risks).

Download here: Case Study – Securing the Technology Change Agenda

Cyber criminals may be changing tactics


March 25, 2014

Cyber criminals may be changing tactics as technology evolves, focusing on new devices that haven’t had proper security systems developed.

Often these new devices are privy to sensitive information, and a data breach could lead a business into significant trouble. Any change in criminal tactics should be cause to update enterprise security systems.

Continue reading

Ensuring business security with the Internet of Things


March 21, 2014

The Internet of Things (IoT) has been a major area of growth for the IT sector over the past few years, promising a wide array of benefits for businesses moving into the space.

Adoption of the trend could lead businesses into security troubles, though, as many won't be equipped to deal with the sheer amount of data produced. As such, security and testing need to become primary considerations for businesses moving into IoT operations.

Continue reading

Case study: Securing the Technology Change Agenda.

Understanding and managing the security risk of technology change initiatives.

ABSTRACT:
Businesses are increasingly seeking to leverage new technologies such as mobile and cloud to enable strategic initiatives, realise business efficiencies, support a flexible, productive workforce and facilitate innovation.

Although these initiatives provide many business benefits, the rapidly evolving technology landscape can also introduce significant security risks that threaten the confidentiality, integrity or availability of sensitive corporate information. In the modern, connected age such compromises can have a significant negative impact to corporate reputation and business performance.

Understanding, identifying and mitigating the security risks inherent in the use of such technology is necessary to allow businesses to realise the benefits of investment in new technology initiatives while maintaining their desired security posture.

Download here: Case Study – Securing the Technology Change Agenda 

Case study: Security Pitfalls of a Shared Portal.

Lessons learned from a custom portal development project.

ABSTRACT:
This paper sets out to examine the lessons learned from a client who commissioned a custom web portal to be developed. During our security assessment, we found a number of significant security vulnerabilities which lead to data theft, account take over and system compromise.

The security pitfalls which lead to the compromises will be outlined along with the recommendations and strategies for avoiding these issues within your own projects.

Download here: Case-Study—Security-Pitfalls-of-a-Client-Portal

Do wearables pose a business security threat?


March 20, 2014

Wearable devices are set to be the next area of IT growth, and will certainly see business implementation due to their efficiency and financial benefits.

These devices offer fast communication at lower prices than that of mobile phones or tablets. By using these devices businesses will be able to speed up both collaboration and communication. Security risks, however, will be presented with device adoption.

Continue reading

Post navigation

More posts