Security Consultant, Security Testing

Security Consultant, Security Testing & Assurance Join us as a Security Consultant (STA) to drive secure design, assess risks, and uplift controls across systems in a dynamic high-impact environment.
25th August, 2025 The work we do mattersWe protect and defend our customers and communities by providing the widest range of cyber security professional services in the region.With more than 1,400 team members across Australia, New Zealand, the UK and US, we are a leading force in cyber security, offering services from strategy, GRC, managed security services, cloud security, digital forensics and cyber education.If you're ready to work with teammates that get you, a leader that supports you and customers that need you, then you're ready for CyberCX.Unimagined opportunity with our Security Testing & Assurance teamOn our team, you get access to an unmatched range of customers, work on unique projects and do it while working alongside some of the best in the industry.If you're keen to get out from behind a desk, we also test hardware (think ATMs, medical devices, satellites, and various operational technology) and we put our customers to the test with social engineering, red teaming, and physical penetration testing.We celebrate our craft (think Hack of the Month), share our discoveries (internal conferences where we share our research) and you've probably seen our team at local meet ups and cons because we support and encourage them to get involved.What this role involvesAs a security consultant your responsibilities are to deliver on security testing engagements, grow your consultancy skills, progress your technical skillset and positively contribute to our culture.Day to day you will:Conduct security tests on customer information systems, infrastructure, software, network - remotely or onsiteProvide robust and considered remediation advice that addresses security weakness and improves security postureDevelop metrics to enable our customers to make informed decisions about the posture of their environment.
25th August, 2025 The work we do mattersWe protect and defend our customers and communities by providing the widest range of cyber security professional services in the region.With more than 1,400 team members across Australia, New Zealand, the UK and US, we are a leading force in cyber security, offering services from strategy, GRC, managed security services, cloud security, digital forensics and cyber education.If you're ready to work with teammates that get you, a leader that supports you and customers that need you, then you're ready for CyberCX.Unimagined opportunity with our Security Testing & Assurance teamOn our team, you get access to an unmatched range of customers, work on unique projects and do it while working alongside some of the best in the industry.If you're keen to get out from behind a desk, we also test hardware (think ATMs, medical devices, satellites, and various operational technology) and we put our customers to the test with social engineering, red teaming, and physical penetration testing.We celebrate our craft (think Hack of the Month), share our discoveries (internal conferences where we share our research) and you've probably seen our team at local meet ups and cons because we support and encourage them to get involved.What this role involvesAs a security consultant your responsibilities are to deliver on security testing engagements, grow your consultancy skills, progress your technical skillset and positively contribute to our culture.Day to day you will:Conduct security tests on customer information systems, infrastructure, software, network - remotely or onsiteProvide robust and considered remediation advice that addresses security weakness and improves security postureDevelop metrics to enable our customers to make informed decisions about the posture of their environment.Skills and experienceThis role requires full working rights in Australia (no current or future sponsorship).
A minimum of two years as a security testing/cyber practitioner in which you have developed capability in managing client expectations, your time, technical security testing, and report writing.Working knowledge of web application and network security, with hands-on experience in manual testing techniques and the use (and limitations) of automated scannersEffective stakeholder engagement and communication skillsStrong analytical and problem-solving skillsKnowledge of various operating systems and networks, especially Linux, Windows, and Active DirectoryRelated certifications such as OSCP, CREST CCT (Applications or Infrastructure), SANS or other (apply even if you're still working towards any of these)Experience with cloud and container technologies like AWS, Azure, or Kubernetes is a plusProficiency in a programming language such as Python, Java, JavaScript, or C++ would be greatInterested but don't meet every item listed above?
If you're excited about this role but your experience doesn't align precisely, please still apply.
You could be just the right person for this role and CyberCX.Great advantages for great peopleA salary package that recognises your experience plus a range of advantages (just some of which are listed below - ask us for a benefits brochure).
Flexible working in a hybrid arrangement (a blend of office and WFH) with modern and comfortable workplaces that accommodate different working stylesSalary packaging options (such as a novated car lease)Health & Wellbeing program including access to our employee assistance service, mental wellness leave, online CyberCX Wellbeing Centre and workplace mental health first aidersDiscounts on health insurance and gym membership plus savings on everyday groceries, electronics, technology, fuel, travel and morePersonalised development planning, access to training and membership to industry organisationsBe yourself.We embrace diverse perspectives, experiences, and backgrounds.
Please let us know if you require additional support or adjustments to assist with your recruitment experience.We take security seriously.We require all employees to complete background checks (including police and global sanction list checks) annually.Where appropriate, the CCX Talent Team will work with our preferred panel of agencies.
Fees will not be paid for unsolicited resumes that are submitted directly to hiring managers and not through our approved process.Apply For Job