Snr Consultant - Offensive Security, Sydney
Who We Are
FTI Consulting is the leading global expert firm for organisations facing crisis and transformation. We work with many of the world’s top multinational corporations, law firms, banks and private equity firms on their most important issues to deliver impact that makes a difference. From resolving disputes, navigating crises, managing risk and optimizing performance, our teams respond rapidly to dynamic and complex situations.
At FTI Consulting, you’ll work side-by side with leaders who have shaped history, helping solve the biggest challenges making headlines today. From day one, you’ll be an integral part of a focused team where you can make a real impact. You’ll be surrounded by an open, collaborative culture that embraces diversity, recognition, professional development and, most importantly, you.
About The Role
FTI Consulting is seeking a Senior Consultant – Offensive Security to join its Australian Cybersecurity team (must be Aust Citizen, or PR). This is a high-impact consulting role for an experienced offensive security professional who wants to work beyond commodity penetration testing and vulnerability assessments, and contribute to complex, high-stakes client engagements.
You will deliver advanced offensive security services while advising senior stakeholders on real-world cyber risk. The role requires strong technical depth, sound judgement, and the ability to communicate clearly in executive, regulatory and legal contexts.
What You’ll Do
Work with clients to provide strategic and tactical advice that enhance our clients’ cybersecurity posture:
• Deliver advanced penetration testing across corporate networks, cloud environments and a range of applications.
• Execute red team and adversary simulation exercises aligned to contemporary threat actor TTPs.
• Safely conduct exploitation, post-exploitation, and attack path analysis in complex enterprise environments.
• Assess security controls and detection capability from an attacker’s perspective.
• Translate technical findings into concise and approachable language for senior stakeholders.
• Produce high-quality reports suitable for executive, regulatory, and litigation use.
• Assist and drive scoping discussions for offensive security engagements.
• Support cyber incident response matters through attacker-centric analysis.
• Mentor junior team members and contribute to practice capability development, including building bespoke offensive security tools and automating offensive security workflows.
• Support proposals, client presentations, and business development activity.
How You’ll Grow
This is an excellent opportunity for a person with proven, hands-on cybersecurity experience to join a high-performing cybersecurity consulting team. With the ever-evolving cybersecurity landscape, the need for continuous professional development remains at the forefront of the quality of our team and is wholly supported.
We are committed to investing and supporting you in your professional development and we aim to promote continuous learning and individual skills development through on-the-job learning, self-guided professional development courses and external offensive security certifications.
Qualifications & Experience
At a minimum, we expect candidates to have:
• Demonstrated experience (3-6 years) delivering professional offensive security services within consulting or complex enterprise environments.
• Strong hands-on capability across all, or the majority of:
• Network and infrastructure penetration testing
• Web and API application security testing
• Active Directory and identity-focused attacks
• Cloud security testing (AWS, Azure, and/or GCP)
• Endpoint security and EDR evasion techniques
• Solid understanding of modern threat actor methodologies and attack chains.
• Scripting and automation skills (e.g. Python, PowerShell, Bash).
• Strong written and verbal communication skills, with confidence presenting to senior audiences.
• Strong offensive security reporting skills
Additionally, the below is highly desirable:
• Industry certifications including or equivalent to OSCP, OSEP, OSWP, OSWE, CREST CRT, CRTP, CARTP and / or offensive security SANS certifications.
• Have identified and published CVEs.
• Have developed open source offensive security tools.
• Have presented at offensive security conferences, such as BSides or SecTalks.
• Australian Government security clearance or the ability to obtain one.
Our Benefits
Apart from the well-structured career path and excellent team environment, our employees enjoy a variety of perks and benefits. Our benefits include, but are not limited to:
• Attractive remuneration, including discretionary bonuses available to all employees
• 18 weeks paid, gender-neutral parental leave with full superannuation contributions throughout paid and unpaid leave
• Flexible working arrangements
• Financial support to obtain work-related professional qualifications
• Professional membership contributions and generous paid study leave (up to 12 days)
• Corporate discount available for health insurance, including dependent(s)
• Employee Assistance Program ("EAP") - free to all employees and their immediate families
• 35 hours per year for approved pro bono matters
• Special leave - 2 days per year of a cultural or religious holiday that is not treated as a public holiday in Australia
• FTI Work Perks: our discount program that provides a wide range of corporate offers, savings, and wellbeing resources
• Monthly Health & Wellbeing program including fitness subsidies
• Annual paid volunteer hours
• Corporate matching for charitable donations
• Opportunity to join our Reconciliation Action Plan - working group; FTI's Women's Initiative Network (FTI WIN); Diversity, Inclusion & Belonging and Corporate Citizenship committees
About FTI Consulting
FTI Consulting, Inc. is the leading global expert firm for organizations facing crisis and transformation, with more than 7,900 employees located in 32 countries and territories. Our broad and diverse bench of award–winning experts advise their clients when they are facing their most significant opportunities and challenges. The Company generated $3.7 billion in revenues during fiscal year 2024. In certain jurisdictions, FTI Consulting’s services are provided through distinct legal entities that are separately capitalized and independently managed. FTI Consulting is publicly traded on the New York Stock Exchange. For more information, visit www.fticonsulting.com and connect with us on Instagram and LinkedIn.
FTI Consulting is an equal opportunity employer and does not discriminate on the basis of race, colour, national origin, ancestry, citizenship status, protected veteran status, religion, physical or mental disability, marital status, sex, sexual orientation, gender identity or expression, age, or any other basis protected by law, ordinance, or regulation.
