FreeHire

fticonsulting

Consultant, Cybersecurity

Show

Who We Are

FTI Consulting is the leading global expert firm for organizations facing crisis and transformation. We work with many of the world’s top multinational corporations, law firms, banks and private equity firms on their most important issues to deliver impact that makes a difference. From resolving disputes, navigating crises, managing risk and optimizing performance, our teams respond rapidly to dynamic and complex situations.

At FTI Consulting, you’ll work side-by side with leaders who have shaped history, helping solve the biggest challenges making headlines today. From day one, you’ll be an integral part of a focused team where you can make a real impact. You’ll be surrounded by an open, collaborative culture that embraces diversity, recognition, professional development and, most importantly, you.

Are you ready to make your impact?

About The Role

FTI Consulting is the leading global expert firm for organisations facing crisis, transformation and moments of truth. The Cybersecurity Practice within FTI Consulting is a leading provider of independent cyber and risk management advisory services with a core offering focused on (but not limited to) Cyber Readiness, Incident Response, Offensive Security, and Complex Investigations & Litigation.

We are seeking to appoint a Consultant – Cybersecurity (Incident Response & Offensive Security) to our cybersecurity practice in Sydney. This is a full-time role offering excellent career opportunities and professional development for future progression within the firm. This is a high-impact consulting role suited to a cybersecurity professional who wants to work across both incident response and offensive security engagements, contributing to complex, high-stakes client matters. We are seeking candidates who want to work on either offensive security only, incident response only, or a combination of both.

What You’ll Do

Work with clients to provide strategic and tactical advice that enhances their cybersecurity posture across both reactive and proactive engagements:

Incident Response & Investigations

  • Respond to complex cyber incidents, including ransomware, data breaches, malware infections, email compromises, insider threats, and other security breaches experienced by our clients.

  • Conduct in-depth investigations on various platforms and devices to identify the extent of compromise and potential threat actors.

  • Rapidly assess incoming incidents, coordinating with internal teams and clients to implement containment strategies and mitigate potential damages.

  • Utilise security tools, software, and methodologies to gather and analyse digital evidence, reconstruct incident timelines, and produce detailed assessments.

  • Generate clear and concise reports documenting investigative findings, analysis results, and recommended remediation actions .

  • Work closely with cross-functional teams, including Cybersecurity, Forensics, Legal and IT teams, to ensure well-rounded incident response efforts.

Offensive Security

  • Deliver penetration testing across corporate networks, cloud environments, and applications.

  • Execute adversary simulation activities aligned to contemporary threat actor TTPs.

  • Safely conduct exploitation, post-exploitation, and attack path analysis in enterprise environments.

  • Assess security controls and detection capability from an attacker’s perspective.

  • Translate technical findings into concise and approachable language for senior stakeholders.

  • Produce high-quality reports suitable for executive, regulatory, and litigation use.

Broader Responsibilities

  • Assist with and contribute to scoping discussions for cybersecurity engagements.

  • Support cyber incident response matters through attacker-centric analysis.

  • Support proposals, client presentations, and business development activity.

  • Stay current with the latest cyber threats, attack techniques, vulnerabilities, and threat actor trends.

  • Collaborate with multidisciplinary teams to deliver high-quality client outcomes.

How You’ll Grow

This is an excellent opportunity for a person with proven, hands-on cybersecurity experience to join a dynamic and growing cybersecurity team. With the ever-evolving cybersecurity landscape, the need for continuous professional development remains at the forefront and is fully supported. You will gain exposure to both incident response and offensive security engagements, working alongside experienced practitioners on high-profile matters. We are committed to investing in your development through on-the-job learning, mentoring, and professional certifications.

What You Will Need to Succeed

  • Unrestricted working rights

  • 6+ months of full-time professional experience in offensive security, incident response or a relevant and adjacent cybersecurity domain (consulting experience is preferred).

  • A keen interest in cybersecurity, across either offensive or defensive domains, with a desire to progress a career within an international cybersecurity consultancy.

  • Hands-on cybersecurity experience in incident response, threat hunting, penetration testing, or similar areas.

  • Ability to work with senior team members and clients to solve complex cybersecurity scenarios, including during crisis situations.

  • A strong work ethic, integrity, and a high level of professionalism.

  • Certifications: OSCP or similar (offensive or defensive security)

Strong understanding of:

  • Windows and Linux operating systems

  • Exploits, vulnerabilities, intrusion vectors, and malware

  • Enterprise environments, including AWS, Azure (including Microsoft 365), and/or GCP

  • Tactics, techniques, and procedures (TTPs) commonly employed by threat actors

  • Strong written and verbal communication skills, with the ability to produce clear and concise reports.

Desirable

  • Scripting and automation skills (e.g. Python, PowerShell, Bash).

  • Experience with Active Directory, identity-focused attacks, or cloud security testing.

  • Understanding of enterprise incident management and response processes.


FTI Consulting acknowledges that we stand on the lands of the First Nations peoples and would like to pay our respects to Elders past and present. We extend solidarity and hope for a future where all are afforded justice, dignity and peace.


FTI Consulting is an equal opportunity employer and does not discriminate on the basis of race, color, national origin, ancestry, citizenship status, protected veteran status, religion, physical or mental disability, marital status, sex, sexual orientation, gender identity or expression, age, or any other basis protected by law, ordinance, or regulation.




Compensation
Minimum Pay: $80,500
Maximum Pay: $104,000

Compensation Disclosure: The compensation range reflects potential base salary for the role and is inclusive of Superannuation. Determination of actual salary is based on a combination of relevant factors such as market considerations, business needs, and an individual’s location, skills, level of experience and qualifications.