Job Title

St John WA has been serving the Western Australian community since 1922. Our organisation has grown into an integrated healthcare provider, connecting people across WA to lifesaving emergency services, urgent care, and health education. We are a not-for-profit organisation, and we are committed to making a positive impact on the safety, wellbeing, and health of everyone, no matter where in WA they live. Our services are powered by more than 8,000 dedicated employees and volunteers who bring care, skill, and compassion to every corner of the state. About the Role We are looking for a Security Assurance Specialist to join our Digital Services department on a Permanent full-time basis. The Security Assurance Specialist is responsible for the planning, testing and reporting for Penetration Testing activities across St John WAs technology environment. Focusing on identifying and evaluating security vulnerabilities across a variety of technology types, including web applications, infrastructure, APIs, code bases, and more. This position will also support the coordination and scheduling of testing activities between BAU and project, contribute to risk assessment conversations, and engage in purple-teaming activities to improve detection and response capabilities. Working collaboratively across the organisation, the Penetration Tester will help ensure vulnerabilities are effectively identified, understood, and addressed to strengthen overall security posture. What Youll Do Plan, scope and execute penetration testing engagements across web applications, internal systems, cloud platforms, APIs and network infrastructure. Conduct handson testing to identify and validate security vulnerabilities, adapting testing approaches based on target environments, technologies, and emerging threat landscapes. Produce clear, structured, and actionable penetration testing reports outlining vulnerabilities, risk ratings, and recommended remediation actions and translate technical findings into businessrelevant risk insights for stakeholders. Collaborate with development, infrastructure, and cloud teams to provide practical and achievable remediation guidance. Whilst supporting teams in understanding root causes of vulnerabilities and approaches to prevent recurrence. Work collaboratively with defensive security teams to simulate realistic attack scenarios and improve detection and response capabilities. Support purple team exercises by sharing attacker techniques, tools, and insights to validate and enhance monitoring and alerting controls. What Youll Need Mid to Senior experience in Security Assurance or Offensive Security positions. Tertiary qualifications in IT and Cyber Security highly regarded and/or relevant industry certifications (ie OSCP, OSWE, CREST, GPEN) is advantageous. Demonstrable ongoing professional development in testing tools and techniques, and/or specific technologies (ie Azure). Strong analytical and problemsolving skills, with the ability to think critically and identify nonobvious security weaknesses. Demonstrated experience conducting security testing across a variety of technology types, including infrastructure, Cloud, web applications, traditional applications, and internal networks. Ability to coordinate and prioritise testing activities, with exposure to purple/red teaming and AppSec/secure development practices advantageous. Benefits $550 Health and Wellness reimbursement 17.5% leave loading Salary packaging and novated leasing Discounts on first aid equipment Complimentary First Aid Training Complimentary ambulance cover Applications close on Tuesday 26th May 2026 at 6:00pm. St John WA is committed to fostering an inclusive, welcoming, and diverse workplace where everyone feels safe to be themselves. We encourage applications from people of all ages, genders, nationalities, abilities, and cultural backgrounds, including Aboriginal and Torres Strait Islander peoples and the LGBTIQ+ community. St John WA is a childsafe organisation and takes a proactive approach to child safety. We ensure all children engaged in St John WA services are protected, respected, and empowered. Our commitment is supported by clear policies and procedures that reinforce our safeguarding practices. St John WA reserves the right to select a shortlist from the applications received. The selection process employed will be at the discretion of St John WA. #J-18808-Ljbffr