* Senior Security Consultant jobs in North Sydney
This is a Offensive Security Consultant role with Deloitte based in Sydney, NSW, AU
-- Deloitte --
Role Seniority - mid level
More about the Offensive Security Consultant role at Deloitte
Description:
Job Requisition ID: 36732
Salary packaging – to suit your personal and financial circumstances
Flexible work arrangements – work in a way that suits you best
Rewards platform – your hard work won’t go unnoticed at Deloitte
We currently have multiple vacancies across from Senior Analyst to Senior Manager level in our Offensive Security team!
About The Role
As part of the Deloitte Offensive Security team, you'll be responsible for defining, carrying out, and overseeing penetration testing projects to uncover security vulnerabilities in client's IT systems. You will be required to report on the identified vulnerabilities and provide recommendations for their remediation. Additionally, you will play a crucial role in the team, and other members will look to you as a subject matter expert for guidance and mentorship.
In this role you will respond to client requests, anticipating and meeting client problems and needs using innovative approaches when applicable. You will be involved in all aspects of security and vulnerability management engagements which include but are not limited to:
Network and host layer penetration tests and vulnerability assessments
Firewall, networking, and security device reviews
Web application assessments
API assessments
Mobile application assessments
Red Teaming - targeting technical, physical and human layers of an organisation’s security controls.
Source code reviews using manual and automated tools.
Malware reverse engineering
Wireless Assessments
Closing meetings to present findings to the client.
Detailed reporting and proposal writing
About The Team
Positioned first globally in Security Consulting Services for the 6th year in a row. Yep, that’s Deloitte. The cyberspace is constantly evolving and so are the threats that it brings. That’s why our work is more meaningful (and exciting!) than ever. Always one step ahead, we predict risks and safeguard our clients through end-to-end solutions. More importantly, we help clients unlock new opportunities through safer and more secure systems and policies.
About
Enough about us, let’s talk about you.
We are currently looking for experienced Penetration Testers at Senior Analyst, Manager and Senior Manager levels with the following experience and qualifications:
Hold a current OSCP or CREST Certified Tester (CCT) in either Infrastructure or Web Applications or similar certification or be in a position and level to pass the exam for the certification
For more senior roles, experience in Red Team engagements. With a capability in line with the CORIE framework or similar (e.g. CBEST, TIBER) Experience in working with applications that perform a wide range of business functions - ideally across multiple industries
Ability to understand and assess applications from both a technical and business function perspective
Good experience in performing web application penetration testing and development of supporting business and technical-level reporting
Innovative and analytical in your approach to performing penetration testing, particularly of novel devices and environments
Capable of working to strict deadlines and prioritising work appropriately
The ability to develop scripts or code to automate testing and develop bespoke attacks
Good communication skills with an ability to explain complex technical issues to non-technical business clients
Excellent written skills with demonstrated ability to write reports and proposals. Including the ability to discuss findings from a risk perspective with clear remediation advice specific to the client’s environment.
Experience in one or more of the following:
Reverse engineering
Web Applications
API’s and Microservices
Exploit Development
Application vulnerability assessment
Mainframe systems
Mobile platforms (iOS/Android/Windows/etc)
Social Engineering
Endpoint protection
Practical exposure to security appliances such as firewalls, proxies, NIPS/HIPS and network security applications
Working knowledge of web concepts such as Ajax, XML, SOAP, and WS-Security
Familiarity with the Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP) and National Institute of Standards and Technology (NIST) Special Publications.
Familiarity with penetration testing and vulnerability tools such as Cobalt Strike, Kali Linux, dsniff, nessus, nmap, MetaSploit, CoreImpact, Qualys, tcpdump, wireshark, Nikto, Aircrack-ng, Hailstorm, Burp Suite, etc.
Strong programming experience with Visual Basic and C/C++ or Java languages
Networking: LAN, WAN, interworking technologies
Good understanding of IaaS environments like Azure, AWS and GCP
Why Deloitte?
At Deloitte, we focus our energy on interesting and impactful work.We’re always learning, innovating and setting the standard; making a positive difference to our clients and our society. We putcoaching at the heart of what we do, helping our people grow their careers in any direction – whether it be up, moving into something new, or even moving across the world.
We embrace diversity, equity and inclusion.We have a diverse collection of people from differentbackgrounds, with different experiences, gender identities, abilitiesandthinking styles. What binds us together is a shared commitment tovalueeveryone’sperspectiveand to cultivate inclusion; so that our work environment is a safe space we can all belong.
We prioritise flexibility and choice.At Deloitte, you get trust on Day 1.We know our people get their best work done when they’re in control of where and how they work, designing their work week around their client, team and personal commitments.
We help you live and work well.To support your personal and professional life, we offer a range of perks and benefits, including retail discounts, wellbeingleave, paid volunteering days, twelveflexible working options, market-leading parental leave and return to work support package.
Next StepsSound like the sort of role for you? Apply now.
By applying for this job, you’ll be assessed against the Deloitte Talent Standards. We’ve designed these standards so that you can grow in your career, and we can provide our clients with a consistent and exceptional Deloitte employee experience globally. The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.
Before we jump into the responsibilities of the role. No matter what you come in knowing, you’ll be learning new things all the time and the Deloitte team will be there to support your growth.
Please consider applying even if you don't meet 100% of what’s outlined
Key Responsibilities
* Conducting penetration tests
* Reporting findings
* Mentoring team members
Key Strengths
* Penetration testing
* ️ Vulnerability assessment
* Communication skills
* Scripting and automation
* Red Teaming
* Reverse engineering
Why Deloitte is partnering with Hatch on this role. Hatch exists to level the playing field for people as they discover a career that’s right for them. So when you apply you have the chance to show more than just your resume.
A Final Note: This is a role with Deloitte not with Hatch.
Offensive Security Consultant
New
Posted today
Job Description
This is a Offensive Security Consultant role with Deloitte based in Sydney, NSW, AU
-- Deloitte --
Role Seniority - senior
More about the Offensive Security Consultant role at Deloitte
Description:
Job Requisition ID: 36732
Salary packaging – to suit your personal and financial circumstances
Flexible work arrangements – work in a way that suits you best
Rewards platform – your hard work won’t go unnoticed at Deloitte
We currently have multiple vacancies across from Senior Analyst to Senior Manager level in our Offensive Security team!
About The Role
As part of the Deloitte Offensive Security team, you'll be responsible for defining, carrying out, and overseeing penetration testing projects to uncover security vulnerabilities in client's IT systems. You will be required to report on the identified vulnerabilities and provide recommendations for their remediation. Additionally, you will play a crucial role in the team, and other members will look to you as a subject matter expert for guidance and mentorship.
In this role you will respond to client requests, anticipating and meeting client problems and needs using innovative approaches when applicable. You will be involved in all aspects of security and vulnerability management engagements which include but are not limited to:
Network and host layer penetration tests and vulnerability assessments
Firewall, networking, and security device reviews
Web application assessments
API assessments
Mobile application assessments
Red Teaming - targeting technical, physical and human layers of an organisation’s security controls.
Source code reviews using manual and automated tools.
Malware reverse engineering
Wireless Assessments
Closing meetings to present findings to the client.
Detailed reporting and proposal writing
About The Team
Positioned first globally in Security Consulting Services for the 6th year in a row. Yep, that’s Deloitte. The cyberspace is constantly evolving and so are the threats that it brings. That’s why our work is more meaningful (and exciting!) than ever. Always one step ahead, we predict risks and safeguard our clients through end-to-end solutions. More importantly, we help clients unlock new opportunities through safer and more secure systems and policies.
About
Enough about us, let’s talk about you.
We are currently looking for experienced Penetration Testers at Senior Analyst, Manager and Senior Manager levels with the following experience and qualifications:
Hold a current OSCP or CREST Certified Tester (CCT) in either Infrastructure or Web Applications or similar certification or be in a position and level to pass the exam for the certification
For more senior roles, experience in Red Team engagements. With a capability in line with the CORIE framework or similar (e.g. CBEST, TIBER) Experience in working with applications that perform a wide range of business functions - ideally across multiple industries
Ability to understand and assess applications from both a technical and business function perspective
Good experience in performing web application penetration testing and development of supporting business and technical-level reporting
Innovative and analytical in your approach to performing penetration testing, particularly of novel devices and environments
Capable of working to strict deadlines and prioritising work appropriately
The ability to develop scripts or code to automate testing and develop bespoke attacks
Good communication skills with an ability to explain complex technical issues to non-technical business clients
Excellent written skills with demonstrated ability to write reports and proposals. Including the ability to discuss findings from a risk perspective with clear remediation advice specific to the client’s environment.
Experience in one or more of the following:
Reverse engineering
Web Applications
API’s and Microservices
Exploit Development
Application vulnerability assessment
Mainframe systems
Mobile platforms (iOS/Android/Windows/etc)
Social Engineering
Endpoint protection
Practical exposure to security appliances such as firewalls, proxies, NIPS/HIPS and network security applications
Working knowledge of web concepts such as Ajax, XML, SOAP, and WS-Security
Familiarity with the Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP) and National Institute of Standards and Technology (NIST) Special Publications.
Familiarity with penetration testing and vulnerability tools such as Cobalt Strike, Kali Linux, dsniff, nessus, nmap, MetaSploit, CoreImpact, Qualys, tcpdump, wireshark, Nikto, Aircrack-ng, Hailstorm, Burp Suite, etc.
Strong programming experience with Visual Basic and C/C++ or Java languages
Networking: LAN, WAN, interworking technologies
Good understanding of IaaS environments like Azure, AWS and GCP
Why Deloitte?
At Deloitte, we focus our energy on interesting and impactful work.We’re always learning, innovating and setting the standard; making a positive difference to our clients and our society. We putcoaching at the heart of what we do, helping our people grow their careers in any direction – whether it be up, moving into something new, or even moving across the world.
We embrace diversity, equity and inclusion.We have a diverse collection of people from differentbackgrounds, with different experiences, gender identities, abilitiesandthinking styles. What binds us together is a shared commitment tovalueeveryone’sperspectiveand to cultivate inclusion; so that our work environment is a safe space we can all belong.
We prioritise flexibility and choice.At Deloitte, you get trust on Day 1.We know our people get their best work done when they’re in control of where and how they work, designing their work week around their client, team and personal commitments.
We help you live and work well.To support your personal and professional life, we offer a range of perks and benefits, including retail discounts, wellbeingleave, paid volunteering days, twelveflexible working options, market-leading parental leave and return to work support package.
Next StepsSound like the sort of role for you? Apply now.
By applying for this job, you’ll be assessed against the Deloitte Talent Standards. We’ve designed these standards so that you can grow in your career, and we can provide our clients with a consistent and exceptional Deloitte employee experience globally. The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.
Before we jump into the responsibilities of the role. No matter what you come in knowing, you’ll be learning new things all the time and the Deloitte team will be there to support your growth.
Please consider applying even if you don't meet 100% of what’s outlined
Key Responsibilities
* Conducting penetration tests
* Reporting vulnerabilities
* Client engagement
Key Strengths
* Penetration testing
* ️ Vulnerability assessment
* Client communication
* Red Teaming
* Scripting and automation
* Reporting and proposal writing
Why Deloitte is partnering with Hatch on this role. Hatch exists to level the playing field for people as they discover a career that’s right for them. So when you apply you have the chance to show more than just your resume.
A Final Note: This is a role with Deloitte not with Hatch.
SAP GRC Security Consultant - Contract - Sydney
2000 Sydney, New South Wales Hastha Solutions
Posted 7 days ago
Job Description
Urgent requirement ofSAP GRC Security Consultant - Contract - Sydney Requirements Design and Build Security Roles in SAP S/4HANATroubleshoot access issues in SAP S/4HANA Security Roles (including Fiori)Configure SAP GRC Access Control 12.0 (ARA, BRM, EAM, ARM) and troubleshoot BRF+, MSMP IssuesPerform regular SOD Analysis for Roles, Users and provide mitigation/remediation recommendationsExecute GRC Reports (User Access Review, FFID Log Review, Pending Access Request Reports etc.,)Troubleshoot SAP IDM Integration issues from GRC sideAccess Management using SAP IDM UISupport Internal and External Audits independentlyVery Good Communication Skills Duration: 6Months and possible extension Eligibility: Australian/NZ Citizens/PR Holders only Email:
Information Security Analyst
New
Posted today
Job Description
This is a Information Security Analyst role with ServiceNow based in Sydney, NSW, AU
-- ServiceNow --
Role Seniority - mid level
More about the Information Security Analyst role at ServiceNow
Company Description
It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today — ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.
About Digital Technology & The ServiceNow Security Office
We’re not yesterday’s IT department, we're Digital Technology. The world around us keeps changing and so do we. We’re redefining what it means to be IT with a mindset centered on transformation, experience, AI-driven automation, innovation, and growth.
We’re all about delivering delightful, secure customer and employee experiences that accelerate ServiceNow’s journey to become the defining enterprise software company of the 21st century. And we love co-creating, using, and highlighting our own products to do it.
Ultimately, we strive to make the world work better for our employees and customers when you work in ServiceNow Digital Technology, you work for them.
The ServiceNow Security Organization delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact
Team
ServiceNow’s Global Security Support Center (GSSC) team leverages its diverse, highly skilled security background and expertise to help enhance ServiceNow’s internal and external security program and communicate ServiceNow’s commitment to security to the world. The global team works closely with other components within ServiceNow on security-related topics and directly interfaces with ServiceNow customers.
GSSC Mission Statement: To provide external & internal facing security support on behalf of the Security Organization to improve our customers’ security posture and build Customer trust.
Job Description
Responsibilities/what you get to do in this role
Establish and maintain excellent customer experience.
Build trust and confidence with all customers.
Represent and be a point of contact and support for everything Security in ServiceNow for all internal and external customers.
Facilitate the successful workflow/triage of security-related incidents/cases by interacting with customers, various security teams, and other internal ServiceNow teams as needed.
Provide support and be available asan escalation contact in theOn-Call rotation (weekends, public holidays and after hours) as and when needed, to ensure customers are taken care of, during times that demand availability and support.
Develop and deliver training programs for internal and external customers on security awareness and best practices.
Develop AI Solutions for automating repetitive activities.
Lead, triage, investigation and respond to security matters ensuring timely resolution and enhance customer experience and processes.
Work with Legal on security/privacy-related matters
Qualifications
To be successful in this role you have
Experience : Minimum of 2-5 years of experience in information security or application security roles.
Certifications : Relevant certifications such as ServiceNow CSA (minimum), Azure AI Fundamentals or AWS Certified AI Practitioner, OSWA, GWAPT, GSEC, GCIH, CISSP, CISM are highly desirable.
Skills
Technical: Proficiency in security tools and technologies, logging, SIEM, WAF, firewalls, intrusion detection systems, vulnerability management platforms, and encryption techniques.
Risk: Articulate Security risks in simple English to customers.
Artificial Intelligence: Exposure to AI technologies desired but not mandatory.
Analytical: Strong analytical and problem-solving skills, with the ability to assess and respond to complex security issues.
Communication: Excellent verbal and written communication skills, with the ability to convey technical information to non-technical stakeholders.
Team Collaboration: Proven ability to work effectively in a collaborative team environment.
Concepts: Good understanding of Security concepts and articulating in simple terms without using Jargons and make sense to customers.
Application Security: Good understanding of common web application vulnerabilities (OWASP Top Ten) & mitigation strategies
Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI's potential impact on the function or industry (Advantage)
Education : Bachelor’s degree in computer science or information security, or relevant information security experience.
BONUS : Web-based vulnerability exploitation experience
Attributes
High self-confidence.
Proactive and self-motivated with a strong sense of ownership and accountability.
Attention to detail and capable of managing multiple tasks and priorities simultaneously.
Innovative mindset with the ability to develop creative solutions to complex security challenges.
Highly positive mindset that should never get faded while serving different cultures across the globe.
Ability to help customers in all best possible ways.
This Level 2/3 Information Security and Application Security Specialist role is an exciting opportunity to join a dynamic and forward-thinking company. If you have the skills, experience, and passion for ensuring the security and integrity of information systems, we invite you to apply and become part of the ServiceNow team.
Additional Information
Work Personas
We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here. To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service.
Equal Opportunity Employer
ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements.
Accommodations
We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact for assistance.
Export Control Regulations
For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities.
From Fortune. 2025 Fortune Media IP Limited. All rights reserved. Used under license.
Before we jump into the responsibilities of the role. No matter what you come in knowing, you’ll be learning new things all the time and the ServiceNow team will be there to support your growth.
Please consider applying even if you don't meet 100% of what’s outlined
Key Responsibilities
* Establishing and maintaining excellent customer experience
* Building trust and confidence with all customers
* Representing and being a point of contact for everything Security in ServiceNow
Key Strengths
* ️ Experience in information security
* Proficiency in security tools and technologies
* ️ Excellent communication skills
* Exposure to AI technologies
* Analytical skills
* Team collaboration
Why ServiceNow is partnering with Hatch on this role. Hatch exists to level the playing field for people as they discover a career that’s right for them. So when you apply you have the chance to show more than just your resume.
A Final Note: This is a role with ServiceNow not with Hatch.
Be The First To Know
About the latest Senior security consultant jobsin North Sydney !
Set Email Alert:
Job title
Location
What other jobs are popular in this category?
Explore these high-demand roles to expand your search:
Didn't find the right job? Get Career Advice to find your ideal role.
#J-18808-Ljbffr