Senior Security Consultant

Overview

Position Summary & Primary Objectives
Reporting to the Managing Security Consultant – STA, the Senior Security Consultant – STA is responsible for carrying out penetration testing and technical security assessments against complex environments and providing security expertise to CyberCX clients. The Senior Security Consultant – STA contributes to pre-sales by undertaking scoping activities, and supports less experienced members of STA.

Reporting to the Managing Security Consultant – STA or Team Lead – STA, this role involves leading penetration tests and providing security consulting to clients with complex testing requirements, contributing to pre-sales scoping, and mentoring STA staff.

Key Roles & Responsibilities

• Deliver application, network, systems, and infrastructure penetration tests for customers, specifically those with large or complex testing requirements. Perform the top five and emerging STA services offered by the Practice to a high standard, as well as most of the other services in the services catalogue
• Prepare high quality reports detailing security issues, making recommendations, and identifying solutions
• Build and promote strong, long-lasting relationships with a diverse range of customers, and identify and explore opportunities within existing and new customers
• Engage with Customer Sales and Customer Solutions team in a pre-sales capacity to assist with scoping, costing, proposals, RFQs and tenders
• Lead discussions with customers including kick-off meetings, regular updates, and present back on testing performed, key results, recommendations, and the next steps
• Ensure that KPIs around client expectation management, delivery deadlines, quality of work and deliverables etc are met, including conducting quality management
• Share knowledge with, coach and mentor others in STA to enable learning, development, and capability uplift and to build a high performing team
• Create a culture of empowerment, collaboration, and accountability through consistent employee engagement
• Assist with R&D, innovation, and practice improvement activities, ensuring R&D and innovation are at the centre of what we do

Preferred Qualifications, Experience & Skills

• Tertiary qualification in information systems, software development or a similar field, or equivalent industry experience
• Penetration testing certifications such as SANS, OSCP, CREST CCT (Applications or Infrastructure) or other (preferred but not essential)
• A minimum of 4 years as a security testing practitioner / cyber practitioner
• Strong stakeholder engagement and communication skills
• Strong analytical and problem-solving skills, and the ability to build sustainable, scalable solutions and processes to meet complex operational problems
• Skilled in responding to setbacks in an agile and resilient manner

Personal Attributes

• Professional and ethical, you inspire trust and confidence through integrity and respect
• Customer-obsessed and a self-starter, you go above and beyond to deliver extraordinary results and experiences for customers
• Innovative and open to change, you are focused on finding opportunities for continuous improvement and ways to optimise work processes
• Collaborative and with an enterprise mindset, you speak up and welcome all input, opinions, and questions
• Emotionally intelligent, you demonstrate empathy, connection, and assertiveness

About CyberCX

CyberCX is the leading independent cyber security services organisation in Australia and New Zealand. CyberCX is Australia's greatest force of cyber security professionals. CyberCX has united the country's most trusted cyber security companies to deliver the most comprehensive end to end cyber security services offering to Australian enterprises and governments. We are cyber security experts first and foremost. We're a unified team of highly qualified, certified and skilled professionals working together on the same mission: to protect and defend Australian organisations from cyber threats. We specialise in: Strategy & Consulting | Governance, Risk & Compliance | Security Testing & Assurance | Identity & Access Management | Security Integration & Engineering | Managed Security Services | Digital Forensics & Incident Response | Cyber Capability, Education & Training

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Information Technology
• Industries
• Computer and Network Security

Sydney, New South Wales, Australia

#J-18808-Ljbffr

---