Find out what it’s like to work as a principal penetration tester (EL 2) in the Australian Public Service (APS).
We spoke to a number of principal penetration testers working in the APS to help us understand what their day involves.
What does a principal penetration tester do?
Principal penetration testers in government play a vital role leading the department’s penetration testing program through technical expertise and strategic oversight. Their primary responsibility is to protect the department’s systems. They manage comprehensive penetration testing programs, cultivate the skills of junior staff and lead intricate, high-stakes security engagements that are critical to the department.
My day starts with a quiet moment to review messages and updates from our ticketing system. I flag anything urgent and make note of new penetration test requests or changes in scope. At 9:30 AM, I lead our daily team stand-up, a quick but focused discussion. We share ongoing test progress and blockers, and highlight any interesting findings from the previous day.
Protecting Australian government systems
Next, I shift into the first major task of the day. It is a planning session with our lead penetration testers to triage and prioritise upcoming penetration tests. We review new requests that have come through. This can range from cosmetic updates in existing systems to business-critical systems that have never been tested before. It’s a strategic conversation. We have to balance risk, business impact and resource availability to ensure we’re assessing the right systems at the right time.
Mentoring junior staff
After a quick lunch, I sit down with a few of our junior penetration testers. They’ve been struggling to reverse-engineer a custom encryption function used by a legacy internal desktop application within the department. We decompile the application together. We extract the key functions responsible for the encryption logic and begin building a standalone program that attempts to decrypt captured data. It’s a hands-on session. It helps them build their reverse-engineering skills and builds their confidence in tackling obscure, undocumented systems. This is an essential skill in government offensive security work.
“The majority of penetration testers in our team came into the department on a graduate program. Lots of these staff didn’t even know penetration testing was a function until joining the department. Once they experienced penetration testing, they enjoyed it so much they didn’t want to leave.”
Principal penetration tester, APS
Shaping the offensive security landscape
Once they’re back on track, I shift gears to wrap up a presentation. I will be presenting this at next week’s whole-of-Australian government offensive security forum. The talk focuses on lessons learned from performing penetration tests on a recently on-boarded Software-as-a-Service (SaaS) system. It’s a chance to share insights and foster collaboration. It helps shape the future of offensive security and penetration testing practices across government.
Tackling the unknown
That afternoon, I return to a penetration test I’ve been leading for the last few weeks. It is an assessment of the department’s newly upgraded mainframe infrastructure. The complexity of this engagement is unlike most others. It demands creative thinking, technical agility and an ability to rapidly digest unfamiliar technologies.
I spend the afternoon researching advanced attacks and learning about older mainframe technologies. I then use specialised tools to search for misconfigurations that could expose sensitive data or allow privilege escalation. It’s a mental workout, but also deeply rewarding. This kind of challenge is where the real growth happens, both for me and the team, watching how we approach the unknown.
Interested in becoming a principal penetration tester?
Learn more about the skills and how to upskill to be a principal penetration tester (EL 2) on APS Career Pathfinder.
