Offensive Security Consultants in Sydney, this one is for you.
I'm working with a consulting firm that's spent 10+ years building a healthy, growing business, backed by experienced local operators who have real momentum and ambition to keep scaling (upcoming rebrand).
Up until now, they've leaned on external resources for penetration testing engagements. That's changing. They're bringing the service in-house - and looking for the person to lead it as their first technical offensive security consultant.
Could it be you?
No layers of sign-off, no competing for testing work against ten other consultants, no inherited legacy processes to unwind. Just you, building the function with the backing and resourcing of an established firm, not the bureaucracy that usually comes with one.
Fancy it? Keep reading.
You'll work directly with leadership, with a clear, structured path toward a principal or Lead position as the function (and team) grows around you. The business is already thinking about the 2nd security testing consultant to support.
What You'll Do
- Run penetration testing engagements end-to-end: scoping through to reporting
- External and internal network, web application, API, Active Directory, cloud configuration reviews, and social engineering / phishing simulation
- Shape the methodology, tooling, and reporting standards for the pen testing function from scratch
- Support the Cyber Business Development Manager with scoping and presales.
- Work closely with the broader GRC consulting team to align technical findings with compliance and risk frameworks
- Mentor and help build out the function as it scales.
What We're Looking For
- Solid penetration testing experience (mid to senior level): OSCP or CREST ideally required
- 5 + years of penetration testing experience.
- Comfort working across compliance-driven environments.
- Strong communication skills for being client facing when required.
- Self-starter mentality: genuinely energised by building something.
What's on Offer
- Up to a $160,000 base salary + super
- Remote first, client on sites will be required
- Direct access to leadership and real input into how the function is built
- A boutique firm with an established client base
If this sounds like you, or you're just under the experience level but want to have a conversation regarding stepping up, I'd still love to chat with you.
Please APPLY directly or share with me your email directly to [email protected]
**Citizenship/PR Required**
Key Skills
Ranked by relevance
Related Jobs
3 roles aligned with this opportunity
DevSecOps Engineer
2026-07-02
Infra VAPT – PenTester (Fresher and Experience)
2026-06-30
DevOps Engineer
2026-07-04
- Posted
- Jul 01, 2026
- Type
- Full-time
- Level
- Mid-Senior
- Location
- Sydney
- Company
- Decipher Bureau
Industries
Categories
Related Jobs
3 roles aligned with this opportunity
DevSecOps Engineer
2026-07-02
Infra VAPT – PenTester (Fresher and Experience)
2026-06-30
DevOps Engineer
2026-07-04