Penetration Testing and Assurance Consultant

Job Description

Cyber Security Penetration Testing & Assurance Consultant

About the client:
Our client is a major organisation committed to strengthening cyber resilience across diverse environments. This role is pivotal in delivering advanced penetration testing and assurance services to identify vulnerabilities and validate security controls.

About the role:
We are seeking a highly skilled Penetration Testing and Assurance Consultant/Analyst to conduct in-depth security testing red and purple team exercises social engineering assessments and configuration reviews. Youll help clients uncover vulnerabilities improve defences and enhance their overall security posture.

Key Responsibilities:
Perform penetration testing using closed-box open-box and double-blind methods across internal/external systems web/mobile apps APIs hardware and cloud services.
Plan and execute red and purple team exercises collaborating with defensive teams to test detection and response capabilities.
Design and deliver social engineering campaigns including phishing simulations to assess human factor vulnerabilities.
Conduct security configuration reviews for systems applications networks and cloud environments against best practice benchmarks.
Document findings with clear actionable recommendations and concise reports for technical and non-technical stakeholders.
Advise clients on remediation strategies and security improvements.
Stay current with emerging threats attack techniques and security technologies.

Required Experience:
Proven experience in penetration testing and security assurance across varied platforms and environments.
Strong knowledge of methodologies (OSSTMM OWASP NIST) and tools (Burp Suite Metasploit Nmap Kali Linux etc.).
Experience with red/purple team engagements and coordination with defensive security teams.
Hands-on expertise in social engineering and phishing simulation tools.
Security configuration review and hardening for operating systems network devices applications and cloud services.
Relevant certifications (OSCP OSCE CREST CRT CEH GPEN or equivalent) highly desirable.
Excellent analytical problem-solving and communication skills.

Other Requirements:
Must hold (or be eligible for) Australian Government NV1 security clearance.
Ability to work independently and manage multiple engagements.
Strong commitment to professional ethics and confidentiality.
Willingness to travel to client sites as required.

Whats on offer
This is a contract role based in Canberra (preferred) with options in Brisbane Sydney Melbourne or Adelaide. Youll play a key role in delivering robust penetration testing and assurance services in a dynamic high-impact environment.

How to Apply
Please upload your CV to apply. For direct enquiries about the role contact Farbar Siddiq at or 0.

Suitable candidates will be contacted with next steps. You may be required to complete selection criteria as part of the application process.