CrawlJobs Logo

Senior Consultant - Offensive Security

paloaltonetworks.com Logo

Palo Alto Networks

Location Icon

Location:
Japan

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Senior Consultant on the Offensive Security team is focused on assessing and challenging the security posture across a comprehensive portfolio of clients. The individual will utilize a variety of tools developed and act as a key team member in client engagements. They will be the client’s advocate for cybersecurity best practices and will provide recommendations in this domain.

Job Responsibility:

  • Conducts periodic scans of networks to find and detect vulnerabilities
  • Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools
  • Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
  • Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients
  • Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
  • Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing)
  • Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Crypsis and Palo Alto Networks’ threat hunting tools (and/or client owned hunting instrumentation where applicable)
  • Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders
  • Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
  • Ability to perform travel requirements as needed to meet business demands

Requirements:

  • 3+ years of professional experience with risk assessment tools, technologies, and methods focused on Information Assurance, Information Systems/Network Security, Infrastructure Design, and Vulnerabilities Assessments
  • Demonstrate a deep understanding of how malicious software works (i.e.-malware, trojans, rootkits, etc.)
  • Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
  • Knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing
  • Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities
  • Knowledge and experience in conducting cyber risk assessments using industry standards
  • Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
  • Experience with security assessment tools
  • Knowledge of network vulnerability assessments, web and cloud application security testing, network penetration testing, red teaming, security operations, or 'hunt'
  • Knowledge of computer forensic tools, technologies, and methods
  • Assist in the development of internal infrastructure design for research, development, and testing focused on offensive security
  • Identified ability to grow into a valuable contributor to the practice
  • Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience to meet job requirements and expectations or equivalent experience required
What we offer:
  • FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees
  • mental and financial health resources
  • personalized learning opportunities

Additional Information:

Job Posted:
January 19, 2026

Employment Type:
Fulltime
Icon
Palo Alto Networks - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Consultant - Offensive Security

New

Senior Security Consultant

Outpost24 is looking for a Senior Security Consultant! You will join our Offensi...
Location
Location
Sweden; Netherlands; Spain; Belgium; Germany , Karlskrona; Stockholm; Amsterdam; Barcelona; Leuven
Salary
Salary:
Not provided
outpost24.com Logo
Outpost24 Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on experience in offensive security (red teaming and/or penetration testing)
  • strong understanding of modern attack techniques and methodologies
  • experienced working with cloud environments and modern applications
  • can identify and chain vulnerabilities into meaningful attack scenarios
  • scripting or programming experience
  • curious mindset and passion for security
  • team player who is also comfortable working independently when needed
  • fluent English
Job Responsibility
Job Responsibility
  • Delivering offensive security engagements, including penetration testing and advanced red team engagements, leveraging frameworks such as MITRE ATT&CK and TIBER-EU/DORA
  • Identifying and exploiting vulnerabilities across a wide range of environments and technologies
  • Supporting complex security assessments that require creative and non-standard approaches
  • Collaborating with team members on challenging scenarios and actively contributing to knowledge sharing
  • Contributing to the continuous improvement of our tools, methodologies, and overall offensive security capabilities
What we offer
What we offer
  • Working on a variety of offensive security engagements across different domains
  • Being part of a skilled and collaborative team within Ghost Labs
  • Opportunities to grow through hands-on experience, training, and certifications
  • A flat organizational structure with high autonomy
  • A healthy work-life balance, with flexible working hours and a hybrid working environment
  • Local perks and benefits of working in your chosen country
  • Fulltime
Read More
Arrow Right

Cyber Security Principal Consultant

Our client is recruiting for a Cyber Security Principal Consultant to join their...
Location
Location
United Kingdom , London or Birmingham
Salary
Salary:
55000.00 - 65000.00 GBP / Year
brosterbuchanan.com Logo
Broster Buchanan
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience of working in professional services firms
  • Demonstrable experience of delivering and leading cyber security advisory and offensive security testing engagements
  • Demonstrable experience of delivering advisory engagements relevant to security operations and defensive controls
  • Understand technology trends, cyber threats, and industry issues
  • Proficient in report writing
  • Experience with security testing techniques such as threat modelling, reconnaissance, social engineering, enumeration, attack path mapping, exploitation, and clean up from a variety of adversarial perspectives (white/grey/black box testing)
  • Proficient in infrastructure and web application testing
  • Proficient in using common commercial and open-source penetration testing tool sets including Kali Linux, Metasploit, Nmap, BurpSuite, Nessus and other industry standard tools
  • Hold an industry recognised certification (this can be at any level from Offensive Security Certified Professional (OSCP)
  • CompTIA PenTest+
Job Responsibility
Job Responsibility
  • Contributing towards the development of exciting new market facing cyber security products and services and internal knowledge sharing hubs
  • Delivering cyber security engagements, from scoping through to delivery, debriefs and report writing
  • Supporting the development of other members of the team
  • Representing the client in external meetings, including attendance at client workshops, audit committees, and regional networking events
  • Building trusted relationships with senior client stakeholders and identifying client and service opportunities
  • Assisting in managing, delivering and leading cyber engagements across a diverse portfolio of clients across the breadth of the mid-market, ensuring both excellent client service and identification of further work opportunities
  • Managing the delivery of agreed work activities with a primary focus on technical security including offensive security services (OSCP, CompTIA PenTest+)
  • Fulltime
Read More
Arrow Right

White Hat Hacker Presales Manager

At Vodafone, we’re not just shaping the future of connectivity for our customers...
Location
Location
Türkiye , İstanbul
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Engineering, Software Engineering, Electrical Engineering, or a related field
  • Minimum 8 years of hands-on experience in a cybersecurity role, preferably within offensive security (Penetration Testing, Red Team, Ethical Hacking, Adversary Simulation)
  • Preference for candidates holding relevant industry security certifications such as: OSCP, CEH, CISSP, CISM, CCSP, or relevant vendor certifications (e.g., Palo Alto Networks, Fortinet, Check Point, etc.)
  • Deep technical knowledge and experience in at least 3 of the following core security domains: Network Security (Firewall, IPS/IDS, Zero Trust), Application Security (API Security, WAF, SAST/DAST), Data Security and DLP, Cloud Security (Azure, Huawei, AWS or GCP), Identity and Access Management (IAM, PAM), Cyber Threat Intelligence and SOC/SIEM solutions
  • Ability to understand and analyze complex enterprise IT and security architectures
  • Ability to effectively present and explain solutions, covering both technical aspects and business value (ROI, risk reduction)
  • Excellent verbal and written communication skills
  • ability to communicate effectively with both senior executives and technical experts
  • Customer focus and the ability to manage challenging negotiations
  • Very good command of English
Job Responsibility
Job Responsibility
  • Conduct in-depth discovery and analysis to thoroughly understand customers' current security posture, architectures, and business processes. Identify potential risk areas from an Offensive Security perspective (e.g., informed by penetration testing or vulnerability hunting experience)
  • Design and propose optimal, end-to-end security solutions, integrated with the company's security product and service portfolio, addressing identified customer needs and risks
  • Provide high-level and detailed technical consultation to customers throughout the sales cycle. Effectively communicate security solutions through compelling presentations, demos, and Proof of Concept (PoC) engagements to both customer executives and technical teams.Act as a techinical advisor to customer CISO/CIO teams on risk reduction strategies and security maturity improvement
  • Support the preparation of accurate and competitive proposals that meet technical requirements
  • create documentation detailing the solution architecture and technical specifications
  • Closely monitor the latest threat trends, technological advancements, and regulatory requirements in the cybersecurity market, integrating this knowledge into presales strategies.Contribute to VF Sales and Marketing strategies to ensure VF Turkey realizes its ambitions for the short-mid and long term
  • Clear understanding of customer needs, addressing the right Vodafone solutions and creating customer-specific technical solutions
  • Identify and address customers critical technical issues (escalations) and non-technical issues, and coordinate necessary support activities
  • Ensure of understanding the scenarios, features and functions within each of the products and how these are applied to address business and technical needs
  • Creating presentations and demonstrations that summarise the simple technical and business benefits of the solution
What we offer
What we offer
  • Vflexy: Flexible Benefits Program
  • Hybrid working kit
  • Ergonomic kit allowance
  • Digital meal voucher
  • Flexible transportation allowance
  • Employee assistance hotline & counselling
  • Comprehensive and flexible private health insurance
  • Discounted price deals for wide range of products & services
Read More
Arrow Right

Consulting Director

The role of Consulting Director in Unit 42 is a senior-level consulting position...
Location
Location
South Korea , Seoul
Salary
Salary:
Not provided
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 12+ years of hands-on experience delivering a wide range of cybersecurity consulting services, including at least 4 of the following, for global enterprise customers: Security operations
  • Digital forensics & Incident response
  • Offensive Security - Red & purple teaming
  • Cloud security
  • Cybersecurity strategy & transformations
  • Security Architecture & Zero Trust
  • Cyber crisis management
  • Cybersecurity risk assessments
  • Application security (including AI)
  • Experience as a senior-level team leader including overseeing other principal, senior, and mid-level analyst/consultant teams
Job Responsibility
Job Responsibility
  • Partner with the Unit 42 executive team and capability leaders to develop and execute strategy for the Unit 42 practice
  • Oversee the delivery of our proactive and/or reactive consulting services, ensuring their consistency, quality and highest level of customer service
  • Provide hands-on, expert-level cybersecurity assessment and transformation services to clients and deliver findings to CxO and/or Board of Directors as required
  • Work with the BDM and CSM to perform pipeline generation activities
  • Lead scoping and services overview conversations with clients for prospective engagements in area of expertise, presenting with credibility and authority, clearly articulating various approaches and methodologies to audiences ranging from highly technical to executive personnel
  • Drive innovation in Unit 42’s offerings, collaborating with consulting and cross-functional teams to bring new capabilities and services to market
  • Manage the productivity of a team through attainment of utilisation targets
  • Collaborate with peers and leaders across Unit 42 to drive operational and practice development goals
  • Recruit, onboard and work to retain world class talent to support our growth goals
  • Support the professional growth and development of our consultants through training and technical enablement
What we offer
What we offer
  • Our development and personal wellbeing programs are designed to give you choice in how you are supported
  • This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees
  • Our mental and financial health resources
  • Our personalized learning opportunities
  • Fulltime
Read More
Arrow Right

Senior Detection Engineer

This is a detection engineering role that leverages knowledge of monitoring, ana...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
  • 3+ years of collective experience in Splunk SIEM (Splunk Enterprise Security) threat detection use case development or UEBA (Exabeam) use case development for insider threat use case development
  • 5+ years of experience in security functions such as SOC, CIRT, security engineering, risk management, vulnerability management or technical infrastructure operations, administration, or systems engineering
  • scripting or programming language, including Python
  • Current information security certification such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) preferred
  • offensive and defensive security certifications such as CEH, IGAC Cyber Defense, OSCP or other related certifications preferred
  • Splunk Certification, including Splunk Enterprise Security Certified Admin preferred
  • use case development experience on the Exabeam platform preferred
  • working knowledge of the NIST Cyber Security Framework and ISO/IEC 27001:2022 preferred
  • working knowledge of the MITRE ATT&CK Framework preferred
Job Responsibility
Job Responsibility
  • Lead collaboration sessions within the cyber security tower and other business units to devise security monitoring use cases
  • engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate
  • document prospective security monitoring use cases with MITRE ATT&ACK mappings using standard templates and methodologies
  • inform and consult other cyber ops teams of required data onboarding and integrations for use case development
  • develop analytics, correlation searches, dashboards, reports and alerts within the SIEM and UEBA platforms
  • solicit feedback for pre-production security monitoring content through peer review process and user acceptance testing for tuning
  • document developed security monitoring content in a documentation registry using department standard templates and methodologies
  • manage field mapping and transmission of security monitoring alerts to the security incident response platform for SOC analyst consumption as outlined in process documentation
  • provide governance support for the content development function entailing content development standards compliance, change management approvals for SIEM or UEBA content, and lifecycle management of developed security monitoring content
  • service operational requests in queue such as analytics content performance tuning, filtering, search refinement, parsing issues
  • Fulltime
Read More
Arrow Right

Field CTO

PGI is a global digital security consultancy that helps organisations build resi...
Location
Location
United Kingdom , London; Bristol
Salary
Salary:
Not provided
pgitl.com Logo
Protection Group International
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in or working knowledge of the regulatory environment in which our services fall. Including, but not limited to, NIST CSF, DORA, ISO/IEC 27000 series GDPR/DPA, PCI DSS, etc. Plus understanding of ISO/IEC 23894 and the Online Safety Bill
  • Background in offensive security & testing, security architecture, and/or GRC & privacy highly desirable
  • Experience in conducting risk assessments and forming risk management policies
  • Confidence and industry experience to challenge security maturity initiatives
  • Understanding of wider digital resilience service lines
  • Experience in pre-sales, scoping requirements, and client-facing delivery engagements within a cybersecurity context
  • Strong commercial understanding of the corporate and public sector, and appreciation of wider PGI client markets
  • Proven ability to articulate the value of our solutions for clients’ security postures
  • Excellent communication and stakeholder management skills
  • Ability to influence decisionmakers and build long-term client relationships
Job Responsibility
Job Responsibility
  • Contribute to our key clients’ strategic security direction through consulting, advising, and designing human and technical interventions at an expert level
  • Serve as the primary technical consultant during client engagements, understanding their security posture and business needs
  • Translate complex cybersecurity concepts into business value propositions for senior stakeholders, particularly where an expected need is unclear
  • Assist clients in the development of security strategies where they do not exist, and/or present tailored cybersecurity roadmaps designed to help achieve those security strategies
  • Collaborate with PGI’s subject matter experts to identify opportunities to enhance client security using existing services and/or skillsets
  • Where services do not exist, works with delivery leads to help outline what service(s) needs to be created
  • Collaborate with delivery teams to ensure solutions are feasible and aligned with current capabilities
  • Support the sales team and account managers in pre-sales activities, including proposal development, RFP responses, and solution presentations
  • Lead on the technical elements of proposal writing, presenting clear and meaningful client benefit
  • Contribute to revenue growth by identifying and closing upsell opportunities within existing accounts
Read More
Arrow Right

Senior Threat Emulation Team Member

As a senior member of the Threat Emulation team within Admiral’s Cyber Security ...
Location
Location
Salary
Salary:
Not provided
admiralgroup.co.uk Logo
Admiral Group Plc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ Years of delivering offensive security exercises
  • Highly responsive and proven professionalism in communication, interpersonal, analytical, and organizational skills
  • Experience of being a technical lead on security testing engagements
  • A strong technical background is required with in-depth experience in several of the following areas: CI/CD Pipelines/DevOps
  • Cloud and Cloud Security (Specifically Azure and GCP)
  • LLM Security Considerations
  • Applications of AI in Offensive Security
  • Scenario/objective based Penetration Testing/Red Teaming
  • Purple Teaming
  • Microsoft AD, Entra and In-Tune
Job Responsibility
Job Responsibility
  • Owning the delivery of Threat Emulation services through the full lifecycle, including taking responsibility for delivery of key projects and workstreams through to completion
  • Proactively analyse business needs, research
  • recommend solutions and drive their adoption
  • Identifying key opportunities to provide current and new security testing services across the business
  • Developing novel and innovative capabilities within the team
  • Performing post exercise or incident reviews and proposing resolutions using their subject matter expertise
  • Act as a point of escalation for the team and wider cyber department
  • Mentor and develop team members and peers
  • Define, develop and improve procedures, and processes for the team and wider operations department
  • Publish reporting and communications to key stakeholders, including briefings, presentations, control group calls/updates
What we offer
What we offer
  • Everyone receives 33 days holiday (including bank holidays) when they join us, increasing the longer you stay with us, up to a maximum of 38 days (including bank holidays). You also have the option to buy or sell up to an additional five days of annual leave
  • Financial & Mortgage Advice
  • 24-Hour Ecare
  • Cycle to Work Scheme
  • Annual Holiday Allowance
  • Flexible Working
  • Simply Health
  • Private Health Cover
  • Critical Illness Cover
  • Eligible for up to £3,600 of free shares each year after one year of service
  • Fulltime
Read More
Arrow Right
New

Senior Cybersecurity Advisor

Our Oil and Gas client is seeking a security professional for the role of Senior...
Location
Location
Canada , Calgary
Salary
Salary:
Not provided
https://www.randstad.com Logo
Randstad
Expiration Date
June 21, 2026
Flip Icon
Requirements
Requirements
  • 5 or more (5+) years of related work experience working in the Cybersecurity, (IT) Information Technology and/or OT (Operational Technology) domains
  • Familiarity with one or more of the following Security Architecture standards: NIST CSF, NIST 800-53, CSA Z246.1, TSA Security Directives CIS CSC, ISA/IEC 62443
  • Familiarity with Identity and Access Management for SAP S/4HANA
  • Knowledge of, or hands-on experience with security technologies of the following functions: NGFW, VPN, IPS/IDS, vulnerability management, access management, SIEM, endpoint security, threat intelligence, governance, risk and compliance (GRC), offensive security, penetration testing, red & purple teaming
  • Strong interpersonal skills, professional demeanor and demonstrated ability to work cross functionally with stakeholders at multiple levels
  • Strong analytical, investigative, problem-solving and communications skills are important for success in this role
  • Energetic individual who is passionate and outcome focused with the ability to learn and adapt quickly to changing environments and priorities
  • Bachelor’s degree in Computer Science, Information Security, Engineering, or a technical certification in a related discipline is a requirement
Job Responsibility
Job Responsibility
  • Provide technical and non-technical leadership and security consulting to operational and project teams facilitating strategic business outcomes with safe and secure solutions
  • Leverage the client's Control Barrier Architecture and Cybersecurity standards to work with cross functional teams throughout the organization to evaluate, monitor and manage the health of controls and barriers
  • Research and maintain a knowledge base of current technology advancements, trends, and directions to influence future security capabilities
  • Build relationships throughout the organization as a trusted partner for delivering business outcomes
  • Analyze high level risk and controls to ensure cost effective and efficient placement of barriers and their efficacy to manage cyber risk throughout the enterprise
  • Advise on requirements for and implementation of cybersecurity solutions
  • Understand the placement, features and functionality of technology and processes that comprise the clients security architecture and the threats and risks they mitigate
  • Support the high-level strategy and direction of cybersecurity governance, risk, and compliance (GRC)
Read More
Arrow Right