Job title: Principal Vulnerability Assessor
Job type: Contract
Emp type: Full-time
Pay interval: Hourly
Pay rate: negotiable
Job published: 13/02/2026

Job Description

Job Title: Principal Vulnerability Assessor (EL2)

Security Clearance: Negative Vetting Level 1

Duration: Initial 12 months, with up to 24 months of extensions

Industry: Information Technology

Functional Expertise: Cyber Security

Sub-functional Expertise: Vulnerability Management

Location of work: ACT, VIC, SA

Working arrangements: The preference is for services to be undertaken at our client’s premises in Canberra. Melbourne or Adelaide may be considered for exceptional candidates. A hybrid arrangement may be considered from these locations; however, the successful candidate will be required to work in the office for the first 6 weeks. Ongoing hybrid arrangements will require attendance in the office 3 days per week.

Closing date: 9AM Tuesday, 24 February 2026

Description:

Our client is seeking a Principal Vulnerability Assessor (EL2) to support and enhance its vulnerability management capability. The successful candidate will play a key role in identifying, assessing and prioritising threat vulnerabilities identified through penetration testing, with a focus on strengthening security architecture and improving risk awareness across the organisation.

This role requires strong expertise in Rapid7 Insight Vulnerability Management (IVM), including configuration, reporting and integration with related tools, to support the continued rollout of scanning configurations in line with detailed design documentation.

Responsibilities:

  • Configure Rapid7 Insight Vulnerability Management (IVM) in accordance with detailed design documentation and organisational requirements
  • Continue the rollout of scanning configurations within Rapid7
  • Identify, assess and prioritise threat vulnerabilities identified through penetration testing
  • Produce reports from Rapid7 IVM to support the vulnerability management process
  • Assist with integration between Rapid7 and other vulnerability reporting tools, including Archer
  • Provide Rapid7 technical and administration training to internal resources
  • Contribute to improving security architecture and enhancing risk awareness

Requirements:

  • Demonstrated experience as a Rapid7 technical specialist
  • Experience with API integrations
  • Proven capability in vulnerability management
  • Systems engineering experience
  • Knowledge of PSPF, ISM and Essential 8

Key Capabilities:

  • Advanced expertise in Rapid7 Insight Vulnerability Management (IVM)
  • Experience with Rapid7 EASM
  • Strong analytical skills to assess and prioritise vulnerabilities
  • Ability to produce detailed and accurate technical reports
  • Strong stakeholder engagement and training capability
  • Ability to work in accordance with detailed technical design documentation

Essential Criteria:

  • Rapid7 IVM experience
  • Rapid7 EASM experience
  • API integrations

How to apply:

Please submit your application including your resume and a completed application form addressing the essential and desirable criteria. Ensure your application highlights your experience and any relevant certifications.