Senior Consultant- Offensive Security

Company Overview-

Tesserent is an extraordinary home-grown cybersecurity success story. Founded in Melbourne, originally focusing on Managed Security Services and funded entirely by local investors, we have since grown to become one of Australia’s largest cybersecurity providers. Now with offices across Australia and New Zealand, we partner with clients to provide not just Managed Security Services, but a full suite of cybersecurity services.

Partnering with over 1,300 mid-sized to enterprise, government, and critical infrastructure clients, Tesserent delivers comprehensive, tailored solutions to prevent, detect and mitigate potential cyber-attacks. We have deep expertise in security advisory (GRC) and consulting, technical assurance and testing, cloud services, 24x7 managed services and monitoring, incident response and forensics and converged/physical security.

Role Overview-

Tesserent’s Offensive Security Services (OSS) Senior Security Consultants are experienced penetration testers and red teamers who bring their technical expertise, consulting, and leadership skills to the team.

The role will function within the OSS operating model and a service-oriented customer engagement model, supporting the delivery of various OSS capability areas. The role must be well-versed in all aspects of offensive security (penetration testing) methodologies, as well as have a clear understanding of how security controls apply within the overall context of business risk.

The role performs control assurance exercises and other requests from the business, including but not limited to:

• Penetration Testing – Internal, External, Web, Mobile, API;
• Social Engineering Engagements;
• Simulated Phishing Campaigns; and
• Adversary Simulation (Red/Purple Teaming).

Accountabilities-

• Perform customer-focused delivery work on a daily basis.

• Draft customer-focused penetration test reports with minimal errors or inconsistencies.

• Quality Assess (QA) customer-focused reports written by other consultants.

• Run scoping meetings independently and provide coherent and well-structured scoping information to the sales team.

• Run customer workshops, assessments, and interviews.

• Mentor junior consultants.

• Provide pragmatic input for improving methodologies and processes.

• Must be capable of onsite client work

• Should be willing to undertake a security clearance (Min. Baseline)

About the candidate-

For this role we value candidates with the following behaviours:

• Strong interpersonal skills
• Detail-oriented
• Excellent written and verbal communicator
• Team player
• Works well independently
• Achievement-oriented
• Open to learning
• Persistent
• Strong mentoring skills and the willingness to mentor junior staff

The role will suit a security professional with at least 3 - 7 years of penetration testing experience and prior experience effectively leading high-profile engagements of all sizes. You will also have strong knowledge and effective use of Windows Active Directory attack techniques, Linux attack techniques, cloud platform attack techniques, web/mobile application attack techniques; and basic knowledge of security defence products.

The qualifications we expect the candidate to have include business or commercial related education.

• Practical training in at least two penetration testing disciplines (minimum 40 hrs course)
• Advanced training in at least one penetration testing discipline (minimum 40 hrs course)
• Minimum 1 security cert. e.g. GPEN, GWAPT, GMOB, GXPN, GCPN, OSCP, OSWE, OSEP, OSEE, CREST, CISSP.

Benefits-

• Opportunities to undertake technical training and secure industry recognised certifications
• Flexible working arrangements with a mix of remote and in-person work
• Opportunities to work with some of the best cybersecurity professionals in the region and to grow and develop your career
• Joining a team of highly skilled and multi-cultural security professionals