Job Title

Position Security Consultant Offensive Security Location Australia or New Zealand Security Requirements If in AU, Citizens ONLY due to the need to obtain security clearances. NZ, Citizens and Residents only. Employment Type Full Time, Permanent Position. Our Why Datacom works with organisations and communities across Australia and NewZealand to make a difference in peoples lives and help them to use the power of tech to innovate and grow. About The Role As an Offensive Security Consultant within our Application Security Team, you will be a key member driving our offensive security capabilities across penetration testing, Breach & Attack Simulations (BAS), and AI Red Teaming. You will help Datacom build and deliver worldclass offensive security assessments to external customers and internal Datacom teams, while contributing to broader Application Security initiatives. As an Offensive Security specialist, you will play a critical role in identifying vulnerabilities through adversarial testing, simulating realworld attack scenarios, red teaming AI systems, conducting technical risk analysis, and providing actionable remediation recommendations. You will also support the Application Security team with threat modelling and secure code review activities, bringing an attackers perspective to defensive security practices. Were looking for passion, ambition, and a depth and breadth of core knowledge as well as the adaptability to everchanging market demands. Our culture is built on people who love coming to work to solve problems, and we embrace those who lean into a problem rather than lean away. Using your cybersecurity expertise, you will join NZs largest cybersecurity services company as part of a dedicated team, proud of delivering topclass advice and guidance to our customers. What You Will Do Perform comprehensive penetration testing on applications, APIs, networks and systems using both manual and automated methods. Design and execute Breach & Attack Simulation (BAS) campaigns to test detection and response capabilities across customer environments. Conduct AI Red Teaming assessments to identify vulnerabilities in machine learning models, LLMs, and AIpowered applications, including prompt injection, model poisoning, and data extraction attacks. Formulate attack plans, test cases and working exploits during offensive security engagements. Support Application Security initiatives including threat modelling sessions and secure code reviews, providing offensive security insights. Prepare comprehensive reports detailing the results of offensive security testing and recommendations for remediation. Deliver remediation workshops to clients, presenting findings, attack narratives, and practical remediation guidance. Collaborate with Application Security and broader security teams to develop and implement effective testing capabilities and defensive strategies. Conduct research and development to uplift offensive security capabilities and stay ahead of emerging threats. Stay up-to-date with emerging security threats, vulnerabilities, AI security risks, and technology trends. What You Will Bring Proven experience in Offensive Security and Penetration Testing within an enterprise or consulting environment, with a passion for adversarial testing and breaking things to make them stronger. Experience or strong interest in Breach & Attack Simulations, AI Red Teaming, and emerging offensive security techniques. Knowledge of application security principles, secure coding practices, threat modelling methodologies, and ability to support secure code reviews with an offensive mindset. The ability to effectively communicate technical information to both technical and nontechnical stakeholders, including executivelevel presentations. Relevant professional certifications, such as OSCP, eCPPT, eWPT, PNPT, GWAPT, eMAPT, OSWE, OSEP, or CRTO. Proficiency in offensive security tools and platforms (Nmap, BurpSuite, Metasploit, Cobalt Strike, BloodHound, Kali Linux) and experience with BAS platforms is desirable. Proven experience with programming and scripting languages (e.g., Python, Bash, PowerShell, JavaScript) for automation, exploit development, and code analysis. Deep understanding of penetration testing methodologies (OWASP WSTG, OWASP ASVS, PTES, NIST SP 800115) and security frameworks (NZISM, MITRE ATT&CK, NIST, CIS). Why Join Us Here at Datacom Datacom is one of Australia and NewZealand''s largest suppliers of Information Technology professional services. We maintain a dynamic, agile, smallbusiness feel that is often diluted in larger organisations of our size. It''s our people that give Datacom its unique culture and energy that you can feel from the moment you meet with us. We care about our people and provide a range of perks such as social events, chillout spaces, remote working, flexihours and professional development courses to name a few. You''ll have the opportunity to learn, develop your career, connect and bring your true self to work. You will be recognised and valued for your contributions and be able to do your work in a collegial, flatstructured environment. We operate at the forefront of technology to help Australia and NewZealand''s largest enterprise organisations explore possibilities and solve their greatest challenges, so you will never run out of interesting new challenges and opportunities. #J-18808-Ljbffr