Principal Offensive Security Consultant

Join to apply for the

Principal Offensive Security Consultant

role at

ctrl:cyber

Ready to lead with purpose in a place where your expertise drives real impact?

ctrl:cyber is a fast‑growing, proudly Australian cybersecurity firm driven by curiosity, integrity, and impact. We’re looking for senior individuals who bring deep expertise, value collaboration, and are energized by solving complex challenges.

Here, your experience is respected, your insights are welcomed, and your growth doesn’t stop. We offer real autonomy and the opportunity to lead alongside peers who are as committed as you are to excellence and continual learning. Expect to do meaningful work. Expect to grow. Expect to be supported as you take on challenges that matter.

We’re looking for an experienced Penetration Tester to join our existing and growing team. You will be working within a testing team, solving our client’s cybersecurity issues, sharing your knowledge, and mentoring others. Outside of your core responsibilities, you’ll also collaborate across other teams to provide support with scoping, meetings, presentations etc.

What You’ll Be Responsible For

Design and execute tests to break into security protected networks, computer and cloud systems, web‑based applications, and mobile applications to look for vulnerabilities. Test design will be based on threat intelligence, OSINT, or client scenarios.

Conduct physical assessments of client locations, server systems and network device security, looking for ways to exploit vulnerabilities.

Conduct security and network configuration audits to evaluate how well an organization’s system conforms to a set of established criteria and best practice frameworks.

Analyze organizational security policies for effectiveness, make suggestions for improvements.

Document your findings, write evidence‑based security reports, and discuss solutions with IT stakeholders, senior management teams, and C‑Suite leaders.

What We’re Looking For

Min 8 years’ industry work experience within Cybersecurity in a similar Penetration Testing role (DevOps IT SysAdmin, or IT analyst background desired but not required).

Industry recognized certifications preferred: OSCP, OSEP, CRTO, SANS/GIAC, PNPT, ECPPTv2.

Previous experience in a customer facing and/or a consulting‑type role delivering a wide variety of end‑to‑end testing.

A strong background in Mobile Apps and API Penetration testing (Android and iOS).

Low level programming language experience (desired but not required).

A natural problem solver with the ability to multi‑task and apply analytical thinking to solve a range of testing issues and well as produce well‑written, evidence‑based reports.

Excellent communication skills – both written and verbal.

Strong collaboration skills – you’ll be working with a variety of teams within the organisation to solve client requirements.

What You’ll Get

A flexible work environment – we trust our team!

Flexibility, autonomy, and support—with a clear investment in your development.

A collaborative, technically excellent team to be part of.

Seniority level

Mid‑Senior level

Employment type

Full‑time

Job function

Consulting

Industries

Computer and Network Security

#J-18808-Ljbffr