AYAN InfoTech is looking for Cyber Assurance - Consultant/Architect/ Analyst to join an exciting project based in Sydney / Melbourne / Canberra. The role offers you the opportunity to contribute towards an extremely well structured and mature environment, working on sophisticated enhancement projects.
Role: Cyber Assurance - Consultant/Architect/ Analyst
Location: Sydney / Melbourne / Canberra
Contract Duration: 6 to 9 Months with high possible extensions
Experience: 7+ Years
We have multiple open positions for below listed roles.
Available Roles: Techno Functional Consultants, Security Architect and Cyber Security Analyst.
Job description: Security Architect
- Consulting: Security Architecture consulting to support them to meet standard security
- Formal Assessment: An assessment of the proposed end to end solution architecture (including external party solution components) for compliance with customers Security Standards, Baselines, Requirements, and Patterns.
- The outcome of the Solution Assessment is an Assessment Report that documents any non-compliance. The report is one of the inputs to the overall Risk Assurance Assessment.
- Advanced knowledge and practice in: Cyber Security foundations including Security Principles; Frameworks and Standards; Threat, Vulnerability, and Risk Assessment.
- Security Architecture (Requirements, Solution Controls Definition, and Assessment).
- Public Cloud security for IaaS/PaaS (Specifically Microsoft Azure and AWS), and SaaS.
- Infrastructure and network security.
- DevOps CI/CD and application security
Security Risk Assurance:
The Senior Cyber Security Risk Assurance Lead is hands-on and multi disciplined, assessing complex technical issues and performing cyber security risk assessments across a wide range of initiatives in a fast-paced, complex environment.
- Performing cyber security risk assessments across multiple projects.
- Collaborating with project teams to understand, challenge and assess security gaps.
- Translation of complex technical findings and cyber risks into clear business outcomes.
- Communication and presentation of cyber risks to Executive level management.
- 10+ years' experience in a cyber security related role (architecture, testing, assurance, cyber risk).
- Ability to understand security findings and concepts from a variety of sources such as Secure Coding, Secure Architecture, Secure Testing, Partner Security etc.
- Proven experience in performing hands-on risk assessments with a technical security context.
- Proven experience in roles which require the translation of technical risks in business context and the communication of outcomes to business stakeholders.
- Experience working in complex environments.
- Excellent communication and presentation skills to executive stakeholders.
Senior Penetration Tester/Analyst:
The Senior Penetration Tester/Analyst will lead and execute advanced penetration testing and vulnerability assessment activities across applications, networks, cloud, and infrastructure. This role requires deep technical expertise, hands-on testing skills, and the ability to communicate findings and remediation strategies to both technical and non-technical stakeholders. The Senior Penetration Tester will also mentor junior team members and contribute to the continuous improvement of Wipro's security testing methodologies.
Key Responsibilities:
- 7+ years of hands-on experience in penetration testing and vulnerability assessment of IT systems.
- Strong expertise in web application, mobile, API, cloud, and infrastructure penetration testing.
- Proficiency with tools such as Burp Suite, Nmap, Nessus, Metasploit, Kali Linux, Wireshark, and others.
- Experience with secure code review, threat modeling, and business logic testing.
- Familiarity with scripting and automation (Python, PowerShell, Bash, etc.).
- In-depth knowledge of security standards and frameworks (OWASP, SANS, NIST, PCI DSS, ISO 27001).
- Plan, execute, and report on penetration tests for web, mobile, API, cloud, and infrastructure environments, following industry standards (OWASP, SANS, PTES, NIST).
- Perform threat modeling, attack surface analysis, and vulnerability exploitation using both manual and automated techniques.
- Conduct advanced security assessments, including red team exercises, social engineering, and physical security testing as required.
- Develop and maintain security testing plans, methodologies, and standard operating procedures.
- Automate penetration and security testing processes where possible.
- Produce detailed, actionable, and risk-based reports for technical teams and executive management.
- Consult with application developers, system administrators, and business stakeholders to explain findings and recommend remediation.
- Mentor and guide junior penetration testers, providing technical direction and quality assurance.
- Stay current with emerging threats, vulnerabilities, and attack techniques; contribute to internal knowledge sharing and research.
- Ensure all testing activities are performed with proper legal authorization and within agreed scope.
Contact: 61-(02) 7207 6926 for more details.
Please note we will be able to contact only shortlisted candidates for this role. We thank you in advance for your interest.
