Job Description
At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive – and that it’s all driven by human intelligence.
Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and we challenge what’s possible.
From manufacturing and engineering to cybersecurity and space, we’re driving progress in some of the world’s most important industries – and working together to build a future we can all trust.
OUR BENEFITS
In addition to interesting, engaging opportunities that impact at scale, and ongoing personal and professional development opportunities, Thales Cyber can offer you:
- Competitive remuneration structure
- Hybrid and flexible working options under the Thales Flex program
- Paid parental leave and family support through Parents at Work
- The day off on your birthday each year
- Novated Lease options
- Ongoing personal and professional development opportunities
- Sonder – Wellbeing & Support Partner
ABOUT THALES
Thales delivers cybersecurity products and services that keep people and assets safe, giving organisations confidence in the security of their digital journeys. Our solutions are deployed in 148 countries, helping governments to maintain sovereignty and organisations to preserve their strategic autonomy.
Thales is a global leader in cybersecurity — no.1 in data security — with more than 6,000 experts and developers worldwide. We bring trust and resilience to key industries including finance, health, retail and manufacturing, as well as critical sectors such as aerospace, defence, critical infrastructure and space.
YOUR ROLE
As our Senior Security Consultant, you will lead complex penetration testing and offensive security engagements, you will be the primary contact for clients on delivery, and you will play a key role in developing the next generation of offensive security talent.
- You will lead complex or high‑risk penetration testing engagements, spanning areas such as advanced web, API, internal AD environments, external infrastructure, cloud and scenario-based testing
- You will be the day‑to‑day point of contact for clients during engagements, managing expectations, scope, progress and communication
- You will design and execute assumed breach, lateral movement and privilege escalation scenarios, aligning your approach to MITRE ATT&CK
- You will review and quality assure the work, notes and reports of junior consultants and graduates, providing constructive feedback
- You will contribute to scoping and estimating work, including technical input into proposals and statements of work
- You will mentor and coach less experienced team members through pairing, formal feedback and informal guidance
- You will lead engagement debriefs and feed lessons learned back into methodologies, tooling and process improvements
- You will support internal initiatives across offensive security, including building or improving labs, tools and repeatable content
YOUR EXPERIENCE
- You will typically bring 4+ years of hands‑on offensive security or penetration testing experience
- You will have strong capability across multiple domains such as web and API testing, internal network/Active Directory assessments, external infrastructure and cloud
- You will have experience designing and running advanced assessments (e.g. assumed breach, phishing-led or scenario-based tests)
- You will be deeply familiar with OWASP methodologies and comfortable adapting them to complex architectures and environments
- You will have strong working knowledge of the MITRE ATT&CK framework and use it to design realistic and defensible attack scenarios
- You will be capable of building and modifying tools, scripts and automation to increase testing efficiency and depth
- You may bring specialist strength in at least one niche area (e.g. mobile, OT, red teaming, application security code review), which will be highly valued
Consulting and communication – the kind of leader you will be
- You will manage client relationships confidently, including handling scope changes and difficult conversations
- You will write clear and technically accurate reports that stand up to scrutiny from both technical teams and executives
- You will present findings and recommendations effectively to both technical and non‑technical audiences
- You will be calm under pressure and able to guide clients through high‑risk findings and remediation options
WE ENCOURAGE YOU TO APPLY
After you have applied, you will receive an email acknowledging your application. We’ll then provide a personalised experience for suitable applicants as we progress through the selection and assessment process. Prior to being offered employment, you will be required to complete pre-employment checks, including police and medical checks where applicable.
As a Defence security clearance is required for this role, applicants must be Australian citizens and eligible to obtain and maintain an appropriate clearance.
It’s easy to dismiss the perfect opportunity if you don’t see yourself as the perfect fit. If this role feels right – no matter your background or personal circumstances – please introduce yourself or join our community. We’re committed to supporting a diverse workplace, and that starts here.
We’re proud to be endorsed by WORK180 as an Employer for All Women, but we know there’s always more we can do. We’ll continue to foster industry partnerships, employee resource groups (ERGs) and development opportunities to make Thales a genuinely equitable employer, for everyone.