Senior Offensive Security Consultant Cyber Security Cape Town

We have a new and exciting role available within our Cyber Security division in Cape Town for a Senior Offensive Security Consultant.

Offensive Security consultants run the delivery of our offensive security services. They help to interpret client challenges, innovate solutions, and deliver findings.

As an OS consultant, you will work across the full spectrum of our pentesting services, whether point in time or continuous, as well as participate in larger engagements such as red teams.

You will help our clients to build cyber resilience, enhance their understanding of the threat landscape, and become better prepared to face dynamic and evolving security risks.

As a senior consultant, you will be responsible for supporting commercial efforts, line management, and maintaining standards, tools, and knowledge.

We seek someone with strong business acumen and technical expertise who can help shape, sell, and deliver impactful resilience workstreams.

The commercial and leadership aspects will take about 40% of your time, with the remaining focus on delivery.

Engage with clients to understand their cybersecurity challenges.

Translate client challenges into tailored solutions that align with S-RM's Offensive Security offerings.

Lead proposal writing and presentations, considering delivery timelines, resource requirements, and pricing.

Contribute to expanding client accounts and securing new business.

Develop an understanding of S-RM's target sectors and industries.

• Penetration testing
• Vulnerability assessments and monitoring
• External infrastructure testing
• Web application testing
• API pentesting
• Phishing and spear phishing simulations
• Internal pentesting
• Mobile application pentesting (Android and iOS)
• OT pentesting

Support senior team members in delivering red team assessments, including end-to-end testing, perimeter breaches, and bespoke scenarios.

• Cloud configuration review
• Application configuration review
• Hardware build review

Present findings through reports, presentations, and briefings.

Assist in developing and delivering cybersecurity training on various topics.

Conduct client training sessions on phishing, awareness, and general cybersecurity topics.

Stay updated on threat intelligence, threat actor activities, and industry developments in mitigation and tooling.

Develop and deliver client threat profiles, threat assessments, and dark web analyses.

Provide oversight, shadowing, and knowledge sharing in pentesting.

Participate in monthly knowledge sharing sessions.

Gain understanding of other cyber services (incident response, digital forensics, cyber advisory) and support offensive security skills development.

Identify and address internal capability gaps with senior support.

The successful candidate must have permission to work in South Africa by the start of employment.

• 23 days holiday per year, plus public holidays ( day per year of service up to 30 days)
• Hybrid and flexible working hours
• Matching pension contributions up to 7% (max 14%) and financial education
• Life insurance of 4x annual salary
• Parental support benefits include :
• Fertility treatment leave : 5 days per treatment cycle
• Maternity leave : 26 weeks full pay, followed by 13 weeks half pay
• Paternity leave : 6 weeks full pay
• Additional health and medical benefits include :
• Medical aid for you and immediate family
• EAP programs for you and immediate family
• Free access to a mindfulness app

#J-