AYAN InfoTech is looking for Cyber Assurance - Consultant/Architect/ Analyst to join an exciting project based in Sydney / Melbourne / Canberra. The role offers you the opportunity to contribute towards an extremely well structured and mature environment, working on sophisticated enhancement projects.
Role: Cyber Assurance - Consultant/Architect/ Analyst
Location: Sydney / Melbourne / Canberra
Contract Duration: 6 to 9 Months with high possible extensions
Experience: 7+ Years
We have multiple open positions for below listed roles.
Available Roles: Techno Functional Consultants, Security Architect and Cyber Security Analyst.
Job description: Security Architect
* Consulting: Security Architecture consulting to support them to meet standard security
* Formal Assessment: An assessment of the proposed end to end solution architecture (including external party solution components) for compliance with customers Security Standards, Baselines, Requirements, and Patterns.
* The outcome of the Solution Assessment is an Assessment Report that documents any non-compliance. The report is one of the inputs to the overall Risk Assurance Assessment.
* Advanced knowledge and practice in: Cyber Security foundations including Security Principles; Frameworks and Standards; Threat, Vulnerability, and Risk Assessment.
* Security Architecture (Requirements, Solution Controls Definition, and Assessment).
* Public Cloud security for IaaS/PaaS (Specifically Microsoft Azure and AWS), and SaaS.
* Infrastructure and network security.
* DevOps CI/CD and application security
Security Risk Assurance:
The Senior Cyber Security Risk Assurance Lead is hands-on and multi disciplined, assessing complex technical issues and performing cyber security risk assessments across a wide range of initiatives in a fast-paced, complex environment.
* Performing cyber security risk assessments across multiple projects.
* Collaborating with project teams to understand, challenge and assess security gaps.
* Translation of complex technical findings and cyber risks into clear business outcomes.
* Communication and presentation of cyber risks to Executive level management.
* 10+ years' experience in a cyber security related role (architecture, testing, assurance, cyber risk).
* Ability to understand security findings and concepts from a variety of sources such as Secure Coding, Secure Architecture, Secure Testing, Partner Security etc.
* Proven experience in performing hands-on risk assessments with a technical security context.
* Proven experience in roles which require the translation of technical risks in business context and the communication of outcomes to business stakeholders.
* Experience working in complex environments.
* Excellent communication and presentation skills to executive stakeholders.
Senior Penetration Tester/Analyst:
The Senior Penetration Tester/Analyst will lead and execute advanced penetration testing and vulnerability assessment activities across applications, networks, cloud, and infrastructure. This role requires deep technical expertise, hands-on testing skills, and the ability to communicate findings and remediation strategies to both technical and non-technical stakeholders. The Senior Penetration Tester will also mentor junior team members and contribute to the continuous improvement of Wipro's security testing methodologies.
Key Responsibilities:
* 7+ years of hands-on experience in penetration testing and vulnerability assessment of IT systems.
* Strong expertise in web application, mobile, API, cloud, and infrastructure penetration testing.
* Proficiency with tools such as Burp Suite, Nmap, Nessus, Metasploit, Kali Linux, Wireshark, and others.
* Experience with secure code review, threat modeling, and business logic testing.
* Familiarity with scripting and automation (Python, PowerShell, Bash, etc.).
* In-depth knowledge of security standards and frameworks (OWASP, SANS, NIST, PCI DSS, ISO
* Plan, execute, and report on penetration tests for web, mobile, API, cloud, and infrastructure environments, following industry standards (OWASP, SANS, PTES, NIST).
* Perform threat modeling, attack surface analysis, and vulnerability exploitation using both manual and automated techniques.
* Conduct advanced security assessments, including red team exercises, social engineering, and physical security testing as required.
* Develop and maintain security testing plans, methodologies, and standard operating procedures.
* Automate penetration and security testing processes where possible.
* Produce detailed, actionable, and risk-based reports for technical teams and executive management.
* Consult with application developers, system administrators, and business stakeholders to explain findings and recommend remediation.
* Mentor and guide junior penetration testers, providing technical direction and quality assurance.
* Stay current with emerging threats, vulnerabilities, and attack techniques; contribute to internal knowledge sharing and research.
* Ensure all testing activities are performed with proper legal authorization and within agreed scope.
Contact: for more details.
Please note we will be able to contact only shortlisted candidates for this role. We thank you in advance for your interest.