Job Title

Only Australian citizens/Permanent Residents will be eligible for this position. FTI Consulting is the leading global expert firm for organisations facing crisis, transformation and moments of truth. The Cybersecurity Practice within FTI Consulting is a leading provider of independent cyber and risk management advisory services with a core offering focused on (but not limited to) Cyber Readiness, Incident Response, Offensive Security, and Complex Investigations & Litigation. We are seeking to appoint a Consultant Cybersecurity (Incident Response & Offensive Security) to our cybersecurity practice in Sydney. This is a fulltime role offering excellent career opportunities and professional development for future progression within the firm. This is a highimpact consulting role suited to a cybersecurity professional who wants to work across both incident response and offensive security engagements, contributing to complex, highstakes client matters. We seeking candidates who want to work on either offensive security only, incident response only, or a combination of both. What Youll Do Work with clients to provide strategic and tactical advice that enhances their cybersecurity posture across both reactive and proactive engagements: Incident Response & Investigations Respond to complex cyber incidents, including ransomware, data breaches, malware infections, email compromises, insider threats, and other security breaches experienced by our clients. Conduct indepth investigations on various platforms and devices to identify the extent of compromise and potential threat actors. Rapidly assess incoming incidents, coordinating with internal teams and clients to implement containment strategies and mitigate potential damages. Utilise security tools, software, and methodologies to gather and analyse digital evidence, reconstruct incident timelines, and produce detailed assessments. Generate clear and concise reports documenting investigative findings, analysis results, and recommended remediation actions. Work closely with crossfunctional teams, including Cybersecurity, Forensics, Legal and IT teams, to ensure wellrounded incident response efforts. Offensive Security Deliver penetration testing across corporate networks, cloud environments, and applications. Execute adversary simulation activities aligned to contemporary threat actor TTPs. Safely conduct exploitation, postexploitation, and attack path analysis in enterprise environments. Assess security controls and detection capability from an attackers perspective. Translate technical findings into concise and approachable language for senior stakeholders. Produce highquality reports suitable for executive, regulatory, and litigation use. Broader Responsibilities Assist with and contribute to scoping discussions for cybersecurity engagements. Support cyber incident response matters through attackercentric analysis. Support proposals, client presentations, and business development activity. Stay current with the latest cyber threats, attack techniques, vulnerabilities, and threat actor trends. Collaborate with multidisciplinary teams to deliver highquality client outcomes. How Youll Grow This is an excellent opportunity for a person with proven, handson cybersecurity experience to join a dynamic and growing cybersecurity team. With the everevolving cybersecurity landscape, the need for continuous professional development remains at the forefront and is fully supported. You will gain exposure to both incident response and offensive security engagements, working alongside experienced practitioners on highprofile matters. We are committed to investing in your development through onthejob learning, mentoring, and professional certifications. Qualifications & Experience At a minimum, we expect candidates to have: 6+ months of fulltime professional experience in offensive security, incident response or a relevant and adjacent cybersecurity domain (consulting experience is preferred). A keen interest in cybersecurity, across either offensive or defensive domains, with a desire to progress a career within an international cybersecurity consultancy. Handson cybersecurity experience in incident response, threat hunting, penetration testing, or similar areas. Strong understanding of: Windows and Linux operating systems Exploits, vulnerabilities, intrusion vectors, and malware Enterprise environments, including AWS, Azure (including Microsoft 365), and/or GCP Tactics, techniques, and procedures (TTPs) commonly employed by threat actors Experience with one or more of: Network traffic analysis, endpoint activity analysis, and log analysis Penetration testing across infrastructure, applications, or cloud environments Enterprise Detection and Response (EDR) tools Cloud security engineering Strong written and verbal communication skills, with the ability to produce clear and concise reports. Ability to work with senior team members and clients to solve complex cybersecurity scenarios, including during crisis situations. A strong work ethic, integrity, and high level of professionalism. Scripting and automation skills (e.g. Python, PowerShell, Bash). Experience with Active Directory, identityfocused attacks, or cloud security testing. Understanding of enterprise incident management and response processes. Certifications GCIH, GCIA, GCFA, GREM or similar (defensive / IR); and / or: OSCP, CREST CRT, CRTP or similar (offensive security) Benefits Attractive remuneration, including discretionary bonuses 18 weeks paid, genderneutral parental leave Flexible working arrangements Professional membership contributions and paid study leave Employee Assistance Program (EAP) Health & wellbeing programs and fitness subsidies Volunteer and pro bono opportunities Corporate discounts and wellbeing initiatives About FTI Consulting With more than 8,000 employees globally, FTI Consulting is the firm organisations call when their most important issues are at stake. Our culture is collaborative, and we value diversity, recognition, development, and making a difference in our communities. Additional Information Job Family/Level: Op Level1 - Consultant Employee Status: Regular All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, national origin or ancestry, gender, age, marital status, sexual orientation, status as a qualified individual with a disability, status as a protected veteran, union affiliation, genetic information, sex, citizenship status, or any other factor prohibited by law. #J-18808-Ljbffr