Title:  Penetration Tester

He aha ai tātou – Why us?

At One NZ we’re not just imagining the future, we’re building it. Our purpose? A better-connected Aotearoa New Zealand. Kia renarena te taukaea i Aotearoa New Zealand.
Our ambition? To become the most AI-enabled telco on the planet. This isn’t just about our technology, It’s about you. We’re investing in our people like never before.... empowering them to grow, lead, and shape what’s next.
Through our AI School, access to world-class learning platforms, or career pathways that evolve with you, we create an environment where your curiosity thrives, and your skills accelerate.
Join us and be part of something extraordinary: connect with purpose and help redefine what’s possible.
Uia mai koe te pātai, he aha te mea nui o tēnei ao? Māku koe e ki atu he tangata, he tangata, he tangata.
“If you asked me, what is the greatest thing in this world, I would say it is people, it is people, it is people.”

Ko tō tūranga – your role

As the Penetration Tester your role is to drive the identification and remediation of security weaknesses across One New Zealand through authorised offensive security testing, security design reviews, and risk-based assurance. Working alongside a senior team member, you will deliver technical security assessments across applications, infrastructure, cloud platforms, APIs, identity systems, AI, containers & Kubernetes while partnering closely with Cyber and IT teams to provide actionable insights, support remediation, and validate fixes.

Ko tō mahi – what you’ll do

Plan and deliver authorised penetration tests across applications, APIs, infrastructure, cloud, identity, and end-user environments in line with agreed scope and controls
• Conduct threat-led and scenario-based testing to simulate real-world attacker behaviour across critical systems
• Perform security assessments of web, mobile, API, and thick-client applications aligned to relevant standards
• Assess container and Kubernetes environments, including cluster security, RBAC, and workload isolation risks
• Evaluate Gen AI and agentic solutions for attack paths such as prompt injection, data leakage, and misconfiguration
• Review identity and access controls, including authentication flows, privileged access, and lateral movement risks
• Produce high-quality reports outlining risks, evidence, exploitability, and prioritised remediation actions
• Partner with engineering teams to support remediation, deliver debriefs, and validate fixes through retesting
• Contribute to continuous improvement of offensive security capabilities, including tooling, automation, and playbooks
• Support purple teaming and incident readiness activities in collaboration with Cyber Defence teams

Na tōu rourou - what you’ll bring

• Proven hands-on experience delivering penetration testing across applications and infrastructure in an enterprise environment
• Understanding of Windows/Linux security, networking fundamentals, and common attack techniques
• Experience testing web, API, and mobile applications with knowledge of OWASP Top 10 and secure design principles
• Cloud security testing experience across AWS/Azure, including IAM, network controls and misconfiguration risks
• Knowledge of container and Kubernetes security, including workload identity, RBAC, and network policies and ability to assess cluster and workload risks
• Scripting/automation skills to support repeatable testing & analysis
• Ability to translate complex technical findings into clear business risk and prioritised remediation guidance/deliverables
• Understanding of vulnerability management and risk assessment processes
• Relevant certifications such as OSCP, CREST, GIAC, and cloud security certifications

Nā mātou te rourou – what you’ll get

• One New Zealand is leading the way by ensuring you can have a truly balanced life. Most roles allow flexibility to work from home and flex your hours to enjoy work & whānau commitments.
• A fully subsidised Southern Cross health insurance cover for you and your family.
• Lifestyle leave, giving you the option to purchase an extra week or two of annual leave.
• Discounts on One New Zealand products, services and much more!

We are proudly Rainbow Tick certified and champion diversity of thought, perspective and background. Joining our whānau is more than starting a new job - it’s the beginning of a journey that will challenge and inspire you to play a role in something bigger.
Tū hikitia rā, tū hāpainga. Tū hāpainga, tū hikitia rā.
We stand to uplift, to support and to elevate others.

Dean Whittingham #LI-DW1