Security Consultant

Macquarie Group

Job no: COG-933925

Work type: Full time

Location: Sydney

Group: Corporate Operations Group

Division: Technology

Recruiter: Andrea Ip

  • Security Consulting position to support the global business.
  • Technical Security focus across all layers of technology including new and emerging ones.
  • Full time position working for a leader in financial services – Sydney CBD based.

About the role

Technology Security, part of COG Technology, defends Macquarie's information. The team ensures all information is adequately protected from inappropriate disclosure, that integrity is maintained and information is available when required.

We are looking to recruit an experienced Senior Technical Security Consultant who will be part of the global Security Consulting team and report to the Head of Security Consulting based in Sydney, Australia. The Consulting team operates as a recoverable business model.

The role will require the successful applicant to deliver company-wide technical security risk assessment and consulting services across business groups, manage the pipeline of work from their client base, operate within a global team, report issues and recommendations for management follow up, and manage client relationships.

Key responsibilities

  • deliver authoritative, practical and responsive consulting services on all aspects of enterprise information security risks to COG Technology.
  • provide security consulting services to projects throughout their lifecycles, to help ensure the application and infrastructure solutions being deployed meet appropriate and adequate security standards.
  • identify and assess key IT security risks and recommend appropriate and practical treatment plans.
  • build and maintain productive, collaborative relationships with stakeholders in COG Technology and the business.
  • determine security design issues and drive attack surface analysis and most "at-risk" components.

About you

  • detailed knowledge of technical security concepts and their practical application. This knowledge is required across the application, operating system and network layers.
  • experience in technical security risk assessment – across enterprise infrastructure, web technology and applications platforms. Note: this is not a general technology risk management role, rather a technical information security based role.
  • understanding of current and emerging security technologies, security threats and trends.
  • experience working within DevOps structured teams (including continuous integration and delivery).
  • proven practical experience with security across multiple cloud / virtualization environments: AWS, Azure, OpenStack, VMWare etc.
  • proven experience with threat modelling and risk analysis.
  • technology savvy, with exceptional communication skills, both written and verbal.
  • logical thought mindset and experience developing reusable processes / data architecture.
  • knowledge of security architecture – across enterprise infrastructure, web technology and applications platforms.

The following characteristics are considered essential for the role

  • strong and self-confident, adaptable and flexible – capable dealing effectively with colleagues and business users in a constantly evolving environment.
  • ability to gather written and verbal information from multiple sources, assess and consolidate risks, provide appropriate recommendations.
  • ability to handle multiple tasks, prioritise effectively, remain calm under pressure and when faced with adversity or urgent issues.
  • comfortable working as part of global team across geographies, cultures and time-zones.
  • focused on business enablement whilst being able to reach balanced judgements vs. security.
  • enthusiastic and creative, an inquisitive nature with an attention to detail, yet able to think outside the box and consider the big picture.
  • ability to influence and educate stakeholders and management regarding appropriate security and IT risk management.

Minimum required experience

  • significant experience in technical security risk assessment in a consulting capacity.
  • proven ability to deliver end to end Information security / risk assessment services.
  • excellent analytical and problem-solving skills.
  • financial services experience preferred.


  • university degree in computer science or engineering, or equivalent.
  • technical security certifications including platform/infrastructure-specific certifications, e.g. CISSP, GIAC, CCNA.
  • risk management certifications (preferred, not mandatory), e.g. PCI-DSS, CISA, CISM, SABSA.

Please click on the link to apply for the role, or alternatively please get in touch with for more information.

The Corporate Operations Group (COG) brings together specialist support services including workplace, human resources, market operations and technology. COG's purpose is to drive operational excellence through business-aligned services with a focus on quality, cost and risk. COG comprises the following divisions: Business Improvement and Strategy, Business Services, Human Resources, Market Operations, and Technology.

Find out more about Macquarie careers at

Macquarie understands the importance of diversity and inclusion - our long history of success has come from being different. At Macquarie we value the innovation and creativity that diversity of thought brings. The one thing we all have in common is our focus on high performance. If you're capable, motivated and can deliver, we want you on our team.

Are you viewing this job on LinkedIn? Click here to apply