Offensive Consultant (Remote)

Offensive Consultant | Triskele Labs | Australia

The Offensive Security Consultant at Triskele Labs plays a key role in delivering high-quality penetration testing services. As a Subject Matter Expert (SME) in the security industry, the consultant is responsible for managing the entire lifecycle of offensive security engagements, from initial setup and information gathering to report generation and close-out activities.

This role requires independent execution of all types of penetration testing, following modern frameworks, while also handling client communications, scheduling, travel arrangements, and technical preparations. The consultant must provide expert security advice to clients, both in person and in writing, and ensure that all outputs meet or exceed expected quality standards within defined timelines.

Team culture is everything to Triskele Labs and it is the reason we exist.

We provide our team a great range of additional benefits such as:

• Additional days of leave for ‘Birthday Leave’ and ‘Doona Day’
• Access to a professional external Employee Assistance Program (EAP) for all team members
• Social functions organised by our People & Culture Team

We are a forward-thinking company and always looking for ways to boost our team culture to ensure we are a destination employer. We continually undertake surveys to seek feedback from our team on ways we can improve our work environment and team member experience at Triskele Labs.

Accountability:

• Responsible for communicating critical findings to the Penetration Testing Team Lead.
• Accountable for the quality and accuracy of deliverables within the allocated resources and timelines.

Penetration Testing Responsibilities:

• Independently conduct penetration tests, including:

• Web and mobile applications
• External and internal infrastructure
• APIs
• Wireless networks
• Social engineering, phishing, and physical security
• Hardware assessments
• Cloud infrastructure security reviews

• BurpSuite
• Nessus and other web application scanners
• Directory brute-forcing tools
• Encryption verification tools
• Web technology-specific tools (e.g., ASP.NET, PHP, Java)

Client Engagement:

• Serve as the primary point of contact during engagements.
• Ensure contractual obligations and service expectations are met.
• Lead internal and external kick-off and close-out meetings.
• Manage client communication, including answering questions and providing updates.

Documentation and Communication:

• Produce comprehensive penetration testing reports and documentation.
• Maintain and review internal processes, templates, and resources.
• Ensure timely communication with clients and team members.

Skills and Qualifications:

• Advanced knowledge of:

• Security systems and protocols
• Programming languages (e.g., Python) and network fundamentals
• Operating systems: Microsoft Windows, Linux, Unix
• Networking and security concepts: firewalls, proxies, SIEM, antivirus, IDPS

• OSCP (essential)
• CREST Certified Tester (preferred)
• Additional certifications (e.g., GIAC, Offensive Security) are a plus.

Additional Requirements:

• Willingness to undergo security clearance and background checks.
• Valid Australian driver’s license.
• Flexibility for interstate and international travel.
• Willingness to work overtime when required.

Tagged as: remote, remote job, virtual, Virtual Job, virtual position, Work at Home, work from home