The Opportunity
The Senior Security Consultant will assist the Assurance division in performing penetration tests and other assurance related activities, and the production of high-quality deliverables for our clients. You will use a mixture of manual testing and automated tooling to enumerate our clients’ systems to identify and exploit vulnerabilities.
Working as part of our Cyber Security team, the role will seek out and identify passive threats to network integrity. Using your established testing experience across network, application and mobile environments, the role will work closely with customers, with the aim of providing reports on findings, working as the primary technical contact for project delivery.
Responsibilities
Billable Engagements
- Hands on delivery of assurance project across multiple penetration testing and assurance disciplines. Primarily External, Web/API, Internal, Cloud Audits, Social Engineering.
- Working under supervision of a Senior consultant or working alone.
- Production of high quality and actionable reports, which are drafted and delivered on time.
- Continuous learning – personal and professional development. Keeping up to date with the latest tools, tactics and techniques. Gaining certifications and cross skilling.
- Providing support with internal assurance projects and activities. Includes maintenance and upgrading of infrastructure and tooling, marketing activities, and providing pre-sales support.
- Providing support to junior members of the Assurance team.
- Maintaining regular, meaningful and timely communications with customers during engagements.
- Reporting and escalation of issues/roadblocks during engagements.
- Time management – self managing time on a billable engagement to ensure that the scope and reports are completed within the allocated time period.
Non billable projects
- Undertake activities that generate improvements, efficiencies, increase revenue or reduce costs.
- Undertake activities relating to the maintenance of tooling and infrastructure.
- Supporting the development and uplift of policies and procedures, reporting tools and deliverables.
- Keep a head of the curve, learn new skills and share it with the team. Keep on top of training requirements during quieter periods.
Customer Service and Communication is Key
- Use excellent communication and customer service skills to make, develop and foster relationships with clients during engagements.
- Internal communication within Assurance – build and maintain relationships with peers. The assurance team is a very tight knit but welcoming team.
- Excellent presentation skills.
- Ability to explain technical concepts to a non-technical audience.
- Design and implement strategies to enhance the customer experience
- Maintain frequent contact with customers during engagements, there should not be any surprises when a customer receives their report.
- Identify and report any road blocks that may impact your ability to test a system.
Career Progression
- Clear, well defined and transparent career progression from Associate to Senior levels.
- Continued and tailored career development. Ensuring you get the training, experience and certifications you need to progress.
- Learning new skills through exposure across a variety of environments, systems and testing types.
Key Competencies & Experience:
- Minimum 4-6 years’ experience in penetration/ethical hacking position.
- At least two of the following certifications are desirable: CREST, OSCP, OSCE, etc
- Experience in External, Web Application, API, and Cloud Penetration testing.
- Experience of mobile applications, cloud infrastructure or secure code reviews is highly desirable
- Experience with IT and cyber security strategy, policies, standards, procedures and controls
- Experience working on projects with teams and individually.
- Positive and driven can do attitude.
- Experience and practical understanding of Information Security Standards & Frameworks
HOW TO APPLY
Please send resumes to: pauline.tabirara@infotrust.com.au
