The Opportunity
The Security Consultant will assist the Assurance divisionin performing penetration tests and other assurance related activities, and theproduction of high-quality deliverables for our clients. You will use a mixtureof manual testing and automated tooling to enumerate our clients’ systems toidentify and exploit vulnerabilities.
Working as part of our Cyber Security team, the role willseek out and identify passive threats to network integrity. Using yourestablished testing experience across network, application and mobileenvironments, the role will work closely with customers, with the aim ofproviding reports on findings, working as the primary technical contact forproject delivery.
Responsibilities
Billable Engagements
- Hands on delivery of assurance project acrossmultiple penetration testing and assurance disciplines. Primarily External,Web/API, Internal, Cloud Audits, Social Engineering.
- Working under supervision of a Senior consultantor working alone.
- Production of high quality and actionablereports, which are drafted and delivered on time.
- Continuous learning – personal and professionaldevelopment. Keeping up to date with the latest tools, tactics and techniques.Gaining certifications and cross skilling.
- Providing support with internal assuranceprojects and activities. Includes maintenance and upgrading of infrastructureand tooling, marketing activities, and providing pre-sales support.
- Providing support to junior members of theAssurance team.
- Maintaining regular, meaningful and timelycommunications with customers during engagements.
- Reporting and escalation of issues/roadblocksduring engagements.
- Time management – self managing time on abillable engagement to ensure that the scope and reports are completed withinthe allocated time period.
Non billable projects
- Undertake activities that generate improvements,efficiencies, increase revenue or reduce costs.
- Undertake activities relating to the maintenance of toolingand infrastructure.
- Supporting the development and uplift of policies andprocedures, reporting tools and deliverables.
- Keep a head of the curve, learn new skills and share it withthe team. Keep on top of training requirements during quieter periods
Customer Service and Communication is Key
- Use excellent communication and customer service skills tomake, develop and foster relationships with clients during engagements.
- Internal communication within Assurance – build and maintainrelationships with peers. The assurance team is a very tight knit but welcomingteam.
- Excellent presentation skills.
- Ability to explain technical concepts to a non-technicalaudience.
- Design and implement strategies to enhance the customerexperience
- Maintain frequent contact with customers during engagements,there should not be any surprises when a customer receives their report.
- Identify and report any road blocks that may impact yourability to test a system.
Career Progression
- Clear, well defined and transparent career progression fromAssociate to Senior levels.
- Continued and tailored career development. Ensuring you getthe training, experience and certifications you need to progress.
- Learning new skills through exposure across a variety ofenvironments, systems and testing types.
Key Competencies & Experience:
- Minimum 1-2 years’ experience in penetration/ethical hackingposition.
- At least one of the following certifications are desirable:CREST, OSCP, OSCE, etc
- Experience in External, Web Application, API, and CloudPenetration testing.
- Experience of mobile applications, cloud infrastructure orsecure code reviews is highly desirable
- Experience with IT and cybersecurity strategy, policies,standards, procedures and controls
- Experience working on projects with teams and individually.
- Positive and driven can do attitude.
- Experience and practical understanding of InformationSecurity Standards & Frameworks
HOW TO APPLY
Please send resumes to: pauline.tabirara@infotrust.com.au
