Security Consultant

The work we do matters
We protect and defend our customers and communities by providing the widest range of cyber security professional services in the region.

With more than 1,400 team members across Australia, New Zealand, the UK and US, we are a leading force in cyber security, offering services from strategy, GRC, managed security services, cloud security, digital forensics and cyber education.

If you're ready to work with teammates that get you, a leader that supports you and customers that need you, then you're ready for CyberCX.

Unimagined opportunity with our Security Testing & Assurance team
On our team, you get access to an unmatched range of customers, work on unique projects, and work alongside some of the best in the industry.

If you're keen to get out from behind a desk, we also test hardware (like ATMs, medical devices, satellites, and various operational technology) and we put our customers to the test with social engineering, red teaming, and physical penetration testing.

We celebrate our craft (monthly Hack of the Month), share our discoveries (internal only conference), and support and encourage the industry through local meet ups and cons.

What This Role Involves
As a security consultant your responsibilities are to deliver on security testing and technical assessment engagements, grow your consultancy skills, progress your technical skillset, and positively contribute to our culture.

Day to day you will:

• Conduct security tests on customer information systems, infrastructure, software, network - remotely or onsite
• Provide robust and considered remediation advice that addresses security weakness and improves security posture
• Develop metrics to enable our customers to make informed decisions about the posture of their environment and their remediation roadmap

Skills and experience
This role requires full working rights in Australia (no current or future sponsorship).

A minimum of two years as a security testing/cyber practitioner in which you have developed capability in managing client expectations, your time, technical security testing, and report writing.

• Working knowledge of web application and network security, with hands-on experience in manual testing techniques and the use (and limitations) of automated scanners
• Strong written and verbal communication skills
• Effective stakeholder engagement
• Strong analytical and problem-solving skills
• Knowledge of various technologies - operating systems, networks, and enterprise applications (such as Active Directory)
• Hold or are working towards certifications such as OSCP, CREST CCT (Applications or Infrastructure), or SANS.
• Experience with cloud and container technologies like AWS, Azure, or Kubernetes is a plus
• Proficiency in a programming language such as Python, Java, JavaScript, or C++ would be great

Interested but don't meet every item listed above? If you're excited about this role but your experience doesn't align precisely, please still apply. You could be just the right person for this role and CyberCX.

Great advantages for great people
A salary package that recognises your experience plus a range of advantages (just some of which are listed below – ask us for a benefits brochure).

• Flexible working in a hybrid arrangement (a blend of office and WFH) with modern and comfortable workplaces that accommodate different working styles
• Personalised development planning, access to training and membership to industry organisations
• Salary packaging options (such as a novated car lease)
• Health & Wellbeing program including access to our employee assistance service, mental wellness leave, online CyberCX Wellbeing Centre and workplace mental health first aiders
• Discounts on health insurance and gym membership plus savings on everyday groceries, electronics, technology, fuel, travel and more