Senior Security Consultant

at  Gallagher

ABOUT GALLAGHER

Our purpose at Gallagher is ‘Protect what matters most’ and we live it every day. Not only does our technology protect some of the world’s highest security environments and agriculture businesses but our purpose also means we care deeply about our people and their families.
Gallagher has operations in New Zealand, Australia, Asia, Africa, USA, Canada, the UK and Europe and exports to over 160 countries. Our culture is entrepreneurial in spirit, complex, challenging and ever changing and the business offers New Zealand based candidates unrivalled globally focused career paths.
We have established a dedicated business unit within the greater Gallagher corporate to bring dynamic and innovative thinking to the security space. With a solid investment in R&D and innovation, we have high ambitions for momentous growth over the next few years, and we need the right people in the right places to help us get there. So, come and be part of a genuine New Zealand success story, building new products targeting a global audience.

THE FIT

This is a great opportunity for the right person to demonstrate successful implementation of cyber security risk management processes, that will have a real-world impact in the products we build. We’re looking for someone who is a good communicator, good at building relationships, has lots of hands-on technical experience, and an attacker’s mindset. Candidates for the role will ideally have the following experience and skillset:

• Tertiary qualification in computing related studies and/or relevant industry certification with practical transferable skills (or demonstratable equivalent experience).
• Minimum of 5 years’ experience in the field of cybersecurity, with a background in penetration testing.
• Demonstrated experience in cybersecurity, security testing and coding/scripting.
• Strong verbal and written communication and ability to write clear and concise documents describing processes or problems.
• Ability to evaluate and articulate the impact of product anomalies and set appropriate classifications.
• Proven track record of building strong relationships with development teams, security researchers, and the wider security community.
• Strong time management and prioritisation skills.

We’re particularly interested in hearing from candidates who also possess one or more of the following skills and qualifications:

• Ethical hacking certification (e.g., CEH, OSCP, CPTS, GPEN, CompTIA PenTest+).
• Information Security certification (e.g., CISSP, CSSLP, CCSP, GSEC, CompTIA Security+).
• Expertise in cloud security, embedded security, and/or cryptography.
• Coding experience in high-level languages such as C, C++, and C#, and ability to perform secure code reviews.
• Strong technical understanding of computers, operating systems, applications, and networking.
• Vulnerability and threat management experience.

• Tertiary qualification in computing related studies and/or relevant industry certification with practical transferable skills (or demonstratable equivalent experience).
• Minimum of 5 years’ experience in the field of cybersecurity, with a background in penetration testing.
• Demonstrated experience in cybersecurity, security testing and coding/scripting.
• Strong verbal and written communication and ability to write clear and concise documents describing processes or problems.
• Ability to evaluate and articulate the impact of product anomalies and set appropriate classifications.
• Proven track record of building strong relationships with development teams, security researchers, and the wider security community.
• Strong time management and prioritisation skills