Group
Occupation
271137 Penetration Tester
Latest release
OSCA - Occupation Standard Classification for Australia
Reference period
2024, Version 1.0
Released
6/12/2024
First release
271137 Penetration Tester
Creates test cases using in-depth technical analysis of risks and typical vulnerabilities, and produces test scripts, materials and packs to test new and existing software or services. Plans, coordinates and conducts cyber threat emulation activities in support of certification, accreditation and operational priorities to verify deficiencies in technical security controls.
Alternative title
- Ethical Hacker
Skill level: 1
Main tasks
- Develops and executes penetration testing methodologies and strategies to identify weaknesses in security controls
- Creates test cases using in-depth technical analysis of risks and typical vulnerabilities
- Produces test scripts, materials and packs to test new and existing software or services for vulnerabilities
- Plans, coordinates and conducts cyber threat emulation activities to verify deficiencies in technical security controls, and provides recommendations for remediation
- Identifies vulnerability exploitations and potential attack vectors into a system, and analyses vulnerability scan results to assess security loopholes and threats
- May conduct phishing attacks or other tests to evaluate the effectiveness of security awareness training