Principal / Lead Penetration Tester

We’re looking for a senior offensive security leader to step into a pivotal role within a high-performing Cyber Security team – someone who doesn’t just run penetration testing, but defines what it becomes next.

This is a rare opportunity to shape the future of penetration testing, act as 2IC to the current manager, and help steer the team through the disruption of AI, automation, and rapidly evolving threat landscapes.

If you’re someone others rely on, trust, and look to for direction – this role was built for you.

What you’ll be trusted to do

• Grow and shape the future of penetration testing, setting direction, maturity and ambition
• Act as second-in-charge to the Penetration Testing Manager, providing leadership, stability and judgement
• Navigate the turmoil of AI and automation, translating emerging risk into practical offensive capability
• Drive the team into the unknown – future threats, new tooling, new attack surfaces
• Be the person people rely on – technically, ethically and professionally
• Set the standards for quality, rigour and reporting – and be the shining beacon others measure against
• Establish and embed technical ethics across offensive security practices
• Lead, mentor and uplift a talented team of penetration testers
• Oversee and deliver penetration testing across web, APIs, mobile, cloud, infrastructure and hardware
• Shape testing strategy, pipelines, scope depth and prioritisation across a complex environment
• Ensure consistently high-quality outputs through technical review, coaching and process improvement

What you’ll bring

• Proven experience leading penetration testing in a large, complex organisation
• Deep hands-on expertise across modern platforms (web, API, mobile, cloud, infra, hardware)
• Strong grounding in penetration testing frameworks and methodologies (OWASP, OSTTMM, WAHH, etc.)
• The credibility to challenge, influence and guide senior stakeholders
• A genuine passion for ethical hacking, continuous learning and technical excellence
• Experience uplifting teams and setting a long-term vision, not just delivering tests
• Advanced security certifications (OSEP, AWAE, CREST, SANS Advanced or similar)
• Clear, confident communication – especially when explaining complex risk

Why this role stands out

This isn’t a “run the same playbook” role.
It’s about setting the playbook, being trusted to lead through uncertainty, and helping define how offensive security evolves in an AI-accelerated world.

If you’re ready to step into a role where your judgement, ethics and leadership truly matter – we’d love to hear from you.

Acknowledgement of Country

Salt respectfully acknowledges the Traditional Owners of the lands across Australia as the continuing custodians of country and culture. We recognise the enduring connection that Aboriginal and Torres Strait Islander peoples have to the lands, waters, and skies.

We pay our respects to all First Nations Australians and their Elders past and present.

We’re proud to have won the Best Mid-Sized Recruitment Company to Work For at the 2023 TIARA Recruitment Awards, and to have been finalists, for the second year in a row, in the Client Service and Recruitment Leader of the Year categories! At Salt, our mission is Creating Futures by putting our clients, candidates, partners, and team members at the heart of everything we do. We extend our sincere appreciation to everyone who has contributed to our continued success.

Salt acknowledges the Traditional Owners of the lands across Australia as the continuing custodians of country and culture. We pay our respects to all First Nations Australians and their Elders past and present.