How will I help? As an Information Security Consultant (Red Team Service Delivery Consultant), you will be responsible for advising Westpac business and IT units on Information Security with specific focus on the coordination and support of Red (offensive) Teaming engagements. Key Responsibilities Security: 

• Familiar with Red Teaming methodologies and processes. 
• Assist the business to understand current/emerging threats and exploits and advise on remediation approaches.
• Assist with planning and preparation of Red (offensive) Team, Purple (offensive/defence) Team and Ethical hack scenarios, including procedural and administrative tasks.
• Familiar with development and maintenance of metrics related to Red Teaming.
• Familiar with Infrastructure, Application and Mobile Hacking techniques.
• Educate developer, application and infrastructure teams regarding attack pathways and remediation approaches.

Service Delivery: 

• Investigate, respond to, resolve, and report on security incidents/ issues related to Red Team findings, and advise on and direct implementation of governance frameworks to ensure that incidents/events are actioned promptly based on their risk level.
• Develop and review metrics reports, Red team reports and other Red team operational deliverables.

Partner and Vendor Management: 

• Advise and ensure the implementation of Red Team knowledge and awareness of Westpac employees and developers. 
• Liaise with business units in the identification of controls and preparation of reports to management to provide visibility and assurance to executive stakeholders about the information security state of the Group.

  What’s in it for me? You will play an important and significant part in the future of a business that has been around for 200 years. Our vision is to become one of the world’s great service companies. So, we will back you in the development of your career, with internal career prospects and flexible working. You will also be backed by a fantastic team of people in a can-do, supportive structure.  Whatever shape your family takes, we offer generous paid and unpaid parental leave for your nominated primary and support carers. This includes leave to organise adoptions, surrogacy, and foster care arrangements.    What do I need? To be successful in this role, you need to have the following skills, education & personal attributes: 

• 2 years’ experience in information security, information technology, risk management, Audit or equivalent role
• Demonstrate strong skills related to the coordination of Red (offensive) Team engagements
• Familiar with performing advanced infrastructure, application, mobile and infrastructure level Red (offensive) Team 
• Familiar with the MITRE ATT&CK framework
• Experience identifying and documenting security requirements and scoping criteria
• Experience in writing Security reports and communicating identified vulnerabilities to the internal stakeholders 
• Ability to work both individually and within a team environment and build strong relationships with the internal stakeholders.
• Familiar with one or more of the following platforms: Windows, Linux, Infrastructure, Networking and Cloud/Virtualisation
• A good understanding of information security best practice standards, frameworks or guidelines (e.g. CORIE)
• Tertiary education focused on Cyber Security 
• Project Management Certifications or equivalent