Consultant - Cybersecurity, Sydney
About The Role
FTI Consulting is the leading global expert firm for organisations facing crisis, transformation and moments of truth. The Cybersecurity Practice within FTI Consulting is a leading provider of independent cyber and risk management advisory services with a core offering focused on (but not limited to) Cyber Readiness, Incident Response, Offensive Security, and Complex Investigations & Litigation.
Join our award-winning cybersecurity practice in Sydney as a Consultant – Cybersecurity. At FTI Consulting (Australia), you will work side-by-side with industry leaders at the Cybersecurity Consulting Firm of the Year (2025 & 2026), tackling high-stakes challenges that make global headlines. This full-time role offers exceptional professional development and clear pathways for career progression within the firm.
This is a high-impact consulting role suited to a cybersecurity professional who wants to work across both incident response and offensive security engagements, contributing to complex, high-stakes client matters.
We are seeking candidates who want to work on either offensive security only, incident response only, or a combination of both.
What You’ll Do
Work with clients to provide strategic and tactical advice that enhances their cybersecurity posture across both reactive and proactive engagements:
Incident Response & Investigations
- Respond to complex cyber incidents, including ransomware, data breaches, malware infections, email compromises, insider threats, and other security breaches experienced by our clients.
- Conduct in-depth investigations on various platforms and devices to identify the extent of compromise and potential threat actors.
- Rapidly assess incoming incidents, coordinating with internal teams and clients to implement containment strategies and mitigate potential damages.
- Utilise security tools, software, and methodologies to gather and analyse digital evidence, reconstruct incident timelines, and produce detailed assessments.
- Generate clear and concise reports documenting investigative findings, analysis results, and recommended remediation actions.
- Work closely with cross-functional teams, including Cybersecurity, Forensics, Legal and IT teams, to ensure well-rounded incident response efforts.
Offensive Security
- Deliver penetration testing across corporate networks, cloud environments, and applications.
- Execute adversary simulation activities aligned to contemporary threat actor TTPs.
- Safely conduct exploitation, post-exploitation, and attack path analysis in enterprise environments.
- Assess security controls and detection capability from an attacker’s perspective.
- Translate technical findings into concise and approachable language for senior stakeholders.
- Produce high-quality reports suitable for executive, regulatory, and litigation use.
Broader Responsibilities
- Assist with and contribute to scoping discussions for cybersecurity engagements.
- Support cyber incident response matters through attacker-centric analysis.
- Support proposals, client presentations, and business development activity.
- Stay current with the latest cyber threats, attack techniques, vulnerabilities, and threat actor trends.
Collaborate with multidisciplinary teams to deliver high-quality client outcomes.
How You’ll Grow
This is an excellent opportunity for a person with proven, hands-on cybersecurity experience to join a dynamic and growing cybersecurity team. With the ever-evolving cybersecurity landscape, the need for continuous professional development remains at the forefront and is fully supported.
You will gain exposure to both incident response and offensive security engagements, working alongside experienced practitioners on high-profile matters.
We are committed to investing in your development through on-the-job learning, mentoring, and professional certifications.
Qualifications & Experience
- Unrestricted working rights
- 6+ months of full-time professional experience in offensive security, incident response or a relevant and adjacent cybersecurity domain (consulting experience is preferred).
- A keen interest in cybersecurity, across either offensive or defensive domains, with a desire to progress a career within an international cybersecurity consultancy.
- Hands-on cybersecurity experience in incident response, threat hunting, penetration testing, or similar areas.
- Strong understanding of:
- Windows and Linux operating systems
- Exploits, vulnerabilities, intrusion vectors, and malware
- Enterprise environments, including AWS, Azure (including Microsoft 365), and/or GCP
- Tactics, techniques, and procedures (TTPs) commonly employed by threat actors
- Strong written and verbal communication skills, with the ability to produce clear and concise reports.
- Ability to work with senior team members and clients to solve complex cybersecurity scenarios, including during crisis situations.
- A strong work ethic, integrity, and a high level of professionalism.
- Certifications: OSCP or similar (offensive or defensive security)
- Desirable
- Scripting and automation skills (e.g. Python, PowerShell, Bash).
- Experience with Active Directory, identity-focused attacks, or cloud security testing.
- Understanding of enterprise incident management and response processes.
Our Benefits
Apart from the well-structured career path and excellent team environment, our employees enjoy a variety of perks and benefits. Our benefits include, but are not limited to:
- Attractive remuneration, including discretionary bonuses
- 18 weeks paid, gender-neutral parental leave with full superannuation contributions throughout paid and unpaid leave
- Flexible working arrangements
- Financial support to obtain work-related professional qualifications
- Professional membership contributions and generous paid study leave (up to 12 days)
- Corporate discount available for health insurance, including dependent(s)
- Employee Assistance Program (“EAP”) – free to all employees and their immediate families
- Make an impact in our communities through company sponsored pro bono work
- Special leave - 2 days per year of a cultural or religious holiday that is not treated as a public holiday in Australia
- FTI Work Perks: our discount program that provides a wide range of corporate offers, savings, and wellbeing resources
- Monthly Health & Wellbeing program including fitness subsidies
- Annual paid volunteer hours
- Corporate matching for charitable donations
- Opportunity to join our Reconciliation Action Plan - Working Group; FTI’s Women’s Initiative Network (FTI WIN); Diversity, Inclusion & Belonging and Corporate Citizenship committees
About FTI Consulting
FTI Consulting, Inc. is the leading global expert firm for organisations facing crisis and transformation, with more than 8,100 employees located in 32 countries and territories. Our broad and diverse bench of award–winning experts advise their clients when they are facing their most significant opportunities and challenges. The Company generated US$3.7 billion in revenues during fiscal year 2024. In certain jurisdictions, FTI Consulting’s services are provided through distinct legal entities that are separately capitalised and independently managed. FTI Consulting is publicly traded on the New York Stock Exchange. For more information, visit www.fticonsulting.com and connect with us on Instagram and LinkedIn.
FTI Consulting is an equal opportunity employer and does not discriminate on the basis of race, color, national origin, ancestry, citizenship status, protected veteran status, religion, physical or mental disability, marital status, sex, sexual orientation, gender identity or expression, age, or any other basis protected by law, ordinance, or regulation.
Compensation Disclosure: The compensation range reflects the potential base salary for the role and is inclusive of Superannuation. Actual compensation is determined based on a wide array of relevant factors including market considerations, business needs, and an individual’s location, skills, level of experience, and qualifications
