Security Consultant, Security Testing & Assurance

_{25th August, 2025}

The work we do matters
We protect and defend our customers and communities by providing the widest range of cyber security professional services in the region.

With more than 1,400 team members across Australia, New Zealand, the UK and US, we are a leading force in cyber security, offering services from strategy, GRC, managed security services, cloud security, digital forensics and cyber education.

If you’re ready to work with teammates that get you, a leader that supports you and customers that need you, then you’re ready for CyberCX.

Unimagined opportunity with our Security Testing & Assurance team
On our team, you get access to an unmatched range of customers, work on unique projects and do it while working alongside some of the best in the industry.

If you’re keen to get out from behind a desk, we also test hardware (think ATMs, medical devices, satellites, and various operational technology) and we put our customers to the test with social engineering, red teaming, and physical penetration testing.

We celebrate our craft (think Hack of the Month), share our discoveries (internal conferences where we share our research) and you’ve probably seen our team at local meet ups and cons because we support and encourage them to get involved.

What this role involves
As a security consultant your responsibilities are to deliver on security testing engagements, grow your consultancy skills, progress your technical skillset and positively contribute to our culture.

Day to day you will:

Conduct security tests on customer information systems, infrastructure, software, network - remotely or onsite
Provide robust and considered remediation advice that addresses security weakness and improves security posture
Develop metrics to enable our customers to make informed decisions about the posture of their environment.

Skills and experience
This role requires full working rights in Australia (no current or future sponsorship).

A minimum of two years as a security testing/cyber practitioner in which you have developed capability in managing client expectations, your time, technical security testing, and report writing.

Working knowledge of web application and network security, with hands-on experience in manual testing techniques and the use (and limitations) of automated scanners
Effective stakeholder engagement and communication skills
Strong analytical and problem-solving skills
Knowledge of various operating systems and networks, especially Linux, Windows, and Active Directory
Related certifications such as OSCP, CREST CCT (Applications or Infrastructure), SANS or other (apply even if you’re still working towards any of these)
Experience with cloud and container technologies like AWS, Azure, or Kubernetes is a plus
Proficiency in a programming language such as Python, Java, JavaScript, or C++ would be great

Interested but don’t meet every item listed above? If you’re excited about this role but your experience doesn’t align precisely, please still apply. You could be just the right person for this role and CyberCX.

Great advantages for great people
A salary package that recognises your experience plus a range of advantages (just some of which are listed below – ask us for a benefits brochure).

Flexible working in a hybrid arrangement (a blend of office and WFH) with modern and comfortable workplaces that accommodate different working styles
Salary packaging options (such as a novated car lease)
Health & Wellbeing program including access to our employee assistance service, mental wellness leave, online CyberCX Wellbeing Centre and workplace mental health first aiders
Discounts on health insurance and gym membership plus savings on everyday groceries, electronics, technology, fuel, travel and more
Personalised development planning, access to training and membership to industry organisations

Be yourself. We embrace diverse perspectives, experiences, and backgrounds. Please let us know if you require additional support or adjustments to assist with your recruitment experience.

We take security seriously. We require all employees to complete background checks (including police and global sanction list checks) annually.

Where appropriate, the CCX Talent Team will work with our preferred panel of agencies. Fees will not be paid for unsolicited resumes that are submitted directly to hiring managers and not through our approved process.

Apply For Job