Senior Penetration Tester

• Have your say in fixing the issues you identify
• Flexible, Sydney-based hybrid role
• Successful, global SaaS business with multiple entities and software products
  
  

About Us

LEAP Dev is the “Software House” powering LEAP Legal Software, the leading provider of Legal Practice Productivity Solutions in the world. We’re part of ATI Global – one of the largest international LegalTech companies. For more than 30 years, our curiosity and commitment to continual improvement has kept us reimagining productivity tools for lawyers and their staff to support our guiding purpose, to ‘Help lawyers who help people’. The market-leading software we develop and support is used by more than 100,000 lawyers and their staff in small and medium-sized law firms.

Working alongside our team of passionate high achievers, you’ll join a fast-growing technology business where things seldom stay the same for long. With more than 1000 smart, caring and ambitious ‘LEAPsters’ working together across Australia, Canada, the United States, the United Kingdom, the Republic of Ireland, Poland and New Zealand, you’ll find yourself in good company here.

Meet the Security team

Our Security team is responsible for securing LEAP’s employees, information, infrastructure and application from cyber-attacks. This involves working with various internal and external stakeholders to best ensure security practices are followed. This newly created Senior Penetration Tester role involves engagements with LEAP Legal Software based primarily in Sydney, with additional engagements with remote development teams. You'll join an established, talented, and friendly team with a dedication to supporting each other to achieve great results. We enjoy investigating threats and analysing malware by leveraging the latest threat intelligence.

What You’ll Do

You're here to test the vulnerabilities and security of all the entities under the LEAP umbrella. This includes the core platform (cloud, desktop, mobile, web) and other entities like LawY and LawConnect. Working closely with development teams and management, you will conduct penetration tests, analyse results, and develop remediation strategies working to address risks.

To Make This Happen, You Will

• Prepare and deliver detailed reports, plans, and other defined outputs of the pen test engagements
• Lead penetration testing and vulnerability assessments for various technologies
• Plan and execute security assessments
• Coordinate project activities like requirements gathering, engagement scheduling, etc
• Report and demonstrate security vulnerabilities to the relevant teams
• Track status of vulnerabilities until fixed and test fixes to confirm
• Train and mentor team members
  
  

What you’ll bring

Along with your extensive experience in penetration testing methodologies and tools, your technical skillset with include:

• Experience hacking at least one of the following technologies – Web Apps, Mobile Apps, Network Infrastructure, Thick Clients
• Experience with one or more general purpose programming or scripting languages such as PowerShell, Python, Perl, Ruby, C#, Java
• Certifications like OSCP, GPEN, GXPN, SEC560, SEC565 and CREST (or equivalent)
• Cloud exposure, primarily Amazon Web Services (AWS)
• Threat Modelling
• Networking skills - routing and diagnostics, firewalls, WAF
• Familiarity with the OWASP Top 10
  
  

You are the type of person who

• Can communicate complex technical findings effectively to both technical and non-technical stakeholders
• Enjoys working collaboratively within cross-functional teams, fostering strong relationships and sharing knowledge to achieve common security goals
  
  

LEAP is an inclusive, people-first company committed to breaking down institutional barriers that keep people from reaching their potential. If you meet some, but not all of the requirements above, we encourage you to still submit your application.

Why join LEAP?

• Your work matters. Helping lawyers help people sits at the heart of everything we do. We solve real world problems that improve and support local, everyday law firms. So that they can do their best work for the people in the communities they serve.
• Make an impact. You won’t be another ‘cog in the wheel’ here. We give full trust and autonomy for you to be heard, to work on big & complex projects – and to make a real difference.
• Work with a group of authentic, passionate people who love what they do.
• Well-funded and global. LEAP is the leading provider of Legal Practice Productivity Solutions across Australia, Canada, the United States, the United Kingdom, the Republic of Ireland and New Zealand. We're part of ATI – one of the largest international LegalTech companies.
• Flexible and hybrid working. We'd like to find this person in Sydney, but we want you to work in a way that suits you and we're open to flexible arrangements that support you.
• Grow your career with us. Our founder Christian Beck has been building legal tech businesses for over 30 years. There are opportunities galore to expand your career based on where your interests lie. We're not afraid to pivot based on market conditions - you will always have the opportunity to stay ahead of the curve and do your best work here.
• Have fun with us. Celebrations. Socials. Sports teams. Access to sailing and yacht events.
• We value your well-being - enjoy an additional paid wellbeing day every year, free gym membership, corporate dental plan and monthly massages in the office. We'll throw in a catered lunch and breakfast every week too. Oh and an on-site barista.