Job title: Principal Vulnerability Assessor
Job type: Contract
Emp type: Full-time
Pay interval: Hourly
Pay rate: negotiable
Job published: 13/02/2026

Job Description

Job Title: Principal Vulnerability Assessor (EL2)

Security Clearance: Negative Vetting Level 1

Duration: Initial 12 months with up to 24 months of extensions

Industry: Information Technology

Functional Expertise: Cyber Security

Sub-functional Expertise: Vulnerability Management

Location of work: ACT, VIC, SA

Working arrangements: The preference is for services to be undertaken at our client’s premises in Canberra. Melbourne or Adelaide may be considered for exceptional candidates. A hybrid arrangement may be considered from these locations; however, the successful candidate will be required to work in the office for the first 6 weeks. Ongoing hybrid arrangements will require attendance in the office 3 days per week.

Closing date: 9AM Tuesday, 24 February 2026

Description:

Our client is seeking a Principal Vulnerability Assessor (EL2) to support and enhance its vulnerability management capability. The successful candidate will play a key role in identifying, assessing and prioritising threat vulnerabilities identified through penetration testing, with a focus on strengthening security architecture and improving risk awareness across the organisation.

This role will require strong expertise in Rapid7 Insight Vulnerability Management (IVM), including configuration, reporting and integration with related tools, to support the continued rollout of scanning configurations in line with detailed design documentation.

Responsibilities:

  • Configure Rapid7 Insight Vulnerability Management (IVM) in accordance with detailed design documentation and organisational requirements
  • Continue the rollout of scanning configurations within Rapid7
  • Identify, assess and prioritise threat vulnerabilities identified through penetration testing
  • Produce reports from Rapid7 IVM to support the vulnerability management process
  • Assist with integration between Rapid7 and other vulnerability reporting tools, including Archer
  • Provide Rapid7 technical and administration training to internal resources
  • Contribute to improving security architecture and enhancing risk awareness

Requirements:

  • Demonstrated experience as a Rapid7 technical specialist
  • Experience with API integrations
  • Proven capability in vulnerability management
  • Systems engineering experience
  • Knowledge of PSPF, ISM and the Essential Eight

Key Capabilities:

  • Advanced expertise in Rapid7 Insight Vulnerability Management (IVM)
  • Experience with Rapid7 EASM
  • Strong analytical skills to assess and prioritise vulnerabilities
  • Ability to produce detailed and accurate technical reports
  • Strong stakeholder engagement and training capability
  • Ability to work in accordance with detailed technical design documentation

Essential Criteria:

  • Rapid7 IVM experience
  • Rapid7 EASM experience
  • API integrations

How to apply:

Please submit your application including your resume and a completed application form addressing the essential and desirable criteria. Ensure your application highlights your experience and any relevant certifications.

File types (doc, docx, pdf, rtf, png, jpeg, jpg, bmp, jng, ppt, pptx, csv, gif) size up to 5MB