AYAN InfoTech is looking for Cyber Assurance - Consultant/Architect/ Analyst to join an exciting project based in Sydney / Melbourne / Canberra. The role offers you the opportunity to contribute towards an extremely well structured and mature environment, working on sophisticated enhancement projects.

Role: Cyber Assurance - Consultant/Architect/ Analyst
Location: Sydney / Melbourne / Canberra
Contract Duration: 6 to 9 Months with high possible extensions
Experience: 7+ Years

We have multiple open positions for below listed roles.

Available Roles: Techno Functional Consultants, Security Architect and Cyber Security Analyst.

Job description: Security Architect

• Consulting: Security Architecture consulting to support them to meet standard security
• Formal Assessment: An assessment of the proposed end to end solution architecture (including external party solution components) for compliance with customers Security Standards, Baselines, Requirements, and Patterns.
• The outcome of the Solution Assessment is an Assessment Report that documents any non-compliance. The report is one of the inputs to the overall Risk Assurance Assessment.
• Advanced knowledge and practice in: Cyber Security foundations including Security Principles; Frameworks and Standards; Threat, Vulnerability, and Risk Assessment.
• Security Architecture (Requirements, Solution Controls Definition, and Assessment).
• Public Cloud security for IaaS/PaaS (Specifically Microsoft Azure and AWS), and SaaS.
• Infrastructure and network security.
• DevOps CI/CD and application security

Security Risk Assurance:

The Senior Cyber Security Risk Assurance Lead is hands-on and multi disciplined, assessing complex technical issues and performing cyber security risk assessments across a wide range of initiatives in a fast-paced, complex environment.

• Performing cyber security risk assessments across multiple projects.
• Collaborating with project teams to understand, challenge and assess security gaps.
• Translation of complex technical findings and cyber risks into clear business outcomes.
• Communication and presentation of cyber risks to Executive level management.
• 10+ years' experience in a cyber security related role (architecture, testing, assurance, cyber risk).
• Ability to understand security findings and concepts from a variety of sources such as Secure Coding, Secure Architecture, Secure Testing, Partner Security etc.
• Proven experience in performing hands-on risk assessments with a technical security context.
• Proven experience in roles which require the translation of technical risks in business context and the communication of outcomes to business stakeholders.
• Experience working in complex environments.
• Excellent communication and presentation skills to executive stakeholders.

Senior Penetration Tester/Analyst:

The Senior Penetration Tester/Analyst will lead and execute advanced penetration testing and vulnerability assessment activities across applications, networks, cloud, and infrastructure. This role requires deep technical expertise, hands-on testing skills, and the ability to communicate findings and remediation strategies to both technical and non-technical stakeholders. The Senior Penetration Tester will also mentor junior team members and contribute to the continuous improvement of Wipro's security testing methodologies.

Key Responsibilities:

• 7+ years of hands-on experience in penetration testing and vulnerability assessment of IT systems.
• Strong expertise in web application, mobile, API, cloud, and infrastructure penetration testing.
• Proficiency with tools such as Burp Suite, Nmap, Nessus, Metasploit, Kali Linux, Wireshark, and others.
• Experience with secure code review, threat modeling, and business logic testing.
• Familiarity with scripting and automation (Python, PowerShell, Bash, etc.).
• In-depth knowledge of security standards and frameworks (OWASP, SANS, NIST, PCI DSS, ISO 27001).
• Plan, execute, and report on penetration tests for web, mobile, API, cloud, and infrastructure environments, following industry standards (OWASP, SANS, PTES, NIST).
• Perform threat modeling, attack surface analysis, and vulnerability exploitation using both manual and automated techniques.
• Conduct advanced security assessments, including red team exercises, social engineering, and physical security testing as required.
• Develop and maintain security testing plans, methodologies, and standard operating procedures.
• Automate penetration and security testing processes where possible.
• Produce detailed, actionable, and risk-based reports for technical teams and executive management.
• Consult with application developers, system administrators, and business stakeholders to explain findings and recommend remediation.
• Mentor and guide junior penetration testers, providing technical direction and quality assurance.
• Stay current with emerging threats, vulnerabilities, and attack techniques; contribute to internal knowledge sharing and research.
• Ensure all testing activities are performed with proper legal authorization and within agreed scope.

Contact: 61-(02) 7207 6926 for more details.

Please note we will be able to contact only shortlisted candidates for this role. We thank you in advance for your interest.