21st November, 2024 The world is full of wicked problems to solve.
That's why we need you The challenge of finding vulnerabilities that no one else has found is what gets you out of bed each morning.
You're at your best when using your skills to solve problems that tackle the most critical challenges facing Australian enterprises and governments today.
You bring your whole self to work, because checking your personality at the door isn't for you.
Unimagined opportunity with our Security Testing & Assurance team On our team, you get access to an unmatched range of customers, work on unique projects and do it while working alongside some of the best in the industry.
If you're keen to get out from behind a desk, we also test hardware (think ATMs, medical devices, satellites, and various operational technology) and we put our customers to the test with social engineering, red teaming, and physical penetration testing.
We celebrate our craft (think Hack of the Month), share our discoveries (internal conferences where we share our research) and you've probably seen our team at local meet ups and cons because we support and encourage them to get involved.
You might also know some of our team members from Channel 10's Hunted (Australia).
What this role involves In addition to leading out the AppSec program for Government, the Senior Security Consultant plays a key role in supporting and shaping CyberCX's overall Application Security strategy Day to day you will: Oversee the successful execution of application security for state and federal government contracts, ensuring compliance and fostering trust.
Build and maintain strong relationships with government agencies, proactively identifying new opportunities and collaborating on secure solutions.
Support in defining and executing the Application Security strategy and planning focused on upskilling practices internally at CyberCX to create delivery specialists and identify new ways of delivering Application Security Services to clients.
Deliver the top Application Security services as well as STA services where required to a high standard, specifically those with large or complex testing requirements.
Act as a subject matter expert and technical leader both within STA and externally across practice for Application Security services.
Prepare high quality reports detailing security issues, making recommendations, and identifying solutions, and lead presentations and discussions with customers around Application Security work performed, key results, strategies, processes recommendations and next steps/roadmap to success Engage with Customer Sales and Customer Solutions team in a presales-capacity to assist with technical methodology aspects, costing scoping, standardised proposal methodologies, RFQs and tenders Skills and experience This role requires full working rights in Australia (no current or future sponsorship).
3+ years of experience in application security services, penetration testing, and/or software development, including but not limited to the following: Conducting threat modelling exercises and design reviews Building, supporting and implementing automated security testing tools Implementing DevSecOps processes and managing CI/CD pipelines Conducting secure code reviews for various languages and frameworks Performing Secure SDLC and Secure DevOps reviews against industry standards such as WASP SAMM, BSIMM or DevSecOps maturity model Experience with containerisation and Infrastructure as Code (IaC) Previous experience working for or with Australian Federal or State Government.
Tertiary qualification in information systems, cyber security, software development or a similar field or equivalent industry experience Experience in cloud security and automated application deployment processes Strong stakeholder engagement and communication skills with an ability to build credibility with senior leaders and internal working teams Interested but don't meet every item listed above?
If you're excited about this role but your experience doesn't align precisely, please still apply.
You could be just the right person for this role and CyberCX.
Great advantages for great people A salary package that recognises your experience plus a range of advantages (just some of which are listed below – ask us for a benefits brochure).
Flexible working in a hybrid arrangement (a blend of office and WFH) with modern and comfortable workplaces that accommodate different working styles All the usual leave entitlements plus additional paid leave options (including a day off for your birthday) and the chance to purchase extra leave each year Salary packaging options (such as a novated car lease) Health & Wellbeing program including access to our employee assistance service, mental wellness leave, online CyberCX Wellbeing Centre and workplace mental health first aiders Discounts on health insurance and gym membership plus savings on everyday groceries, electronics, technology, fuel, travel and more Personalised development planning, access to training and membership to industry organisations Employee interest groups and communities including a comprehensive Women in Cyber program A comprehensive reward and recognition program – with a special thank you every year on your anniversary!
Be yourself.
We embrace diverse perspectives, experiences, and backgrounds.
Please let us know if you require additional support or adjustments to assist with your recruitment experience.
We take security seriously.
We require all employees to complete background checks (including police and global sanction list checks) annually.
Where appropriate, the CCX Talent Team will work with our preferred panel of agencies.
Fees will not be paid for unsolicited resumes that are submitted directly to hiring managers and not through our approved process.
Apply For Job