Day in the life of a lead penetration tester (EL 1)

Find out what it’s like to work as a lead penetration tester (EL 1) in the Australian Public Service (APS).

We spoke to a number of lead penetration testers working in the APS to help us understand what their day involves.

Lead penetration testers in government play a critical role in the end-to-end delivery and oversight of individual penetration test engagements. Their primary responsibility involves leading and managing complex technical security assessments. They ensure the quality and depth of testing. They provide direct guidance and mentorship to the team of testers assigned to a specific engagement.

The day begins early with a quick scan through messages and outstanding service requests. One of the tests I’m responsible for is scheduled to start today. I’m looking for anything urgent that’s come in over the weekend that may impact the start of this test. This could be environment issues or other roadblocks.

At 9:30 AM, I host a kick-off meeting for the penetration test that is starting today. I have been setting it up over the last few weeks with a select group of penetration testers from my team. During this session, I outline the scope and constraints of the engagement. I highlight key areas of focus and provide a brief walkthrough of the target application’s functionality to ensure everyone is aligned.

Before wrapping up, I assign initial tasks, such as target research and vulnerability scanning. I base this on each team member’s strengths and areas of expertise, setting the stage for a coordinated and efficient testing effort.

After the meeting, I dive into the penetration test engagement itself, targeting the latest release of a government mobile application. This assessment demands advanced techniques to analyse and manipulate mobile traffic, particularly in environments hardened with modern security controls. I aim to identify vulnerabilities that could expose sensitive data or compromise user privacy.

I spend the rest of the morning configuring various mobile devices to work with specialised tools so I can inspect and analyse network traffic originating from the application.

After lunch, I host the weekly technical workshop. The workshop aims at sharpening the offensive security skills of our team. This week’s session centres on advanced wireless attacks, a critical but often overlooked area of penetration testing. I guide the team through the setup of various wireless network configurations.

This is followed by hands-on exercises using both hardware and software tools to simulate real-world attack scenarios. These workshops reinforce technical proficiency. They also foster collaboration and creative problem-solving within the team.

The afternoon shifts from hands-on technical work to more collaborative and strategic planning. I lead a meeting to discuss an upcoming penetration test on a new Software-as-a-Service (SaaS) product the department has recently procured.

The objectives of the meeting are to discuss setup requirements and logistics for the upcoming penetration test. We talk with both internal teams from my department, as well as the SaaS vendor.

This session demands my technical expertise to accurately scope the assessment and anticipate potential challenges. It also requires strong communication skills to articulate complex security requirements to a variety of stakeholders. It requires negotiation and diplomacy to align diverse interests. I have to balance the security requirements of the department with the limitations imposed by the SaaS vendor.

My role here is to ensure that all necessary access, documentation and environment configurations are agreed upon. This lays the groundwork for a comprehensive and effective penetration test while managing expectations for all parties.

Before wrapping up the day, I review a penetration test request sent to me by our coordination team. It concerns recent changes to a business-critical internal system. I conduct a thorough assessment of the request. I focus on how the proposed modifications may alter the system’s attack surface while also evaluating the request against our current testing backlog. Based on this analysis, I provide recommendations on whether a penetration test should proceed.

Learn more about the skills, and how to upskill to be a lead penetration tester (EL 1) on APS Career Pathfinder.