Careers at Cosive

Principal Security Consultant 

Job Description

2024.08.19

Cosive is looking for a Principal Security Consultant to provide security consulting services to our clients, be a technical SME, and to enable Cosive to enhance and promote uptake of security-related software we provide.

About Cosive

What we do

Cosive is a specialist consultancy for security operations (SecOps) and cyber threat intelligence (CTI). We offer consultancy services, perform custom software development, run training courses, resell some select products, and notably we develop our own service offerings: CloudMISP, MalwareZoo, and Antifraud. 

We seek an experienced practitioner in SecOps and/or CTI who is an expert at delivering technical and strategic engagements. We also expect our Principal Security Consultants to both connect with potential clients as a pre-sales engineer to discover their needs as well as to help deliver the engagement outcomes themselves.

Our approach

We operate as a trusted partner with our clients, working together to help them improve their security posture over time. We build close relationships with our clients and often work with them over multiple engagements over multiple years. Honesty, integrity, and trust are core values of our business.

We are a fully virtual company, with all staff working remotely from premises of their choosing. We are all primarily based in Australia and New Zealand. All communications are carried out via chat room, email, phone, and videoconferencing. 

We often deal with international overseas companies. This fact means that sometimes you may be required to start early or work late in order to attend a meeting involving someone from another timezone. This is one of the reasons we have a flexible working policy for staff to enable them to build their work schedule around their own lifestyle.

Cosive’s value stems from our people and their talent. We have a staff-first approach to workloads and the engagements we take on and we respect that each of the members of our team are experienced, capable professionals with a life outside of work. We don’t clock-watch or micromanage our team; we rely on everyone’s ability to work autonomously and collaborate when necessary to achieve good outcomes.

We care about our staff's wellbeing. We know the impact that the stress of intensive work can have on people. This is why for the last few years, we've been giving each staff member an extra day of leave each month to use for their mental health. We call this the Cosive ME day. Please note the Cosive ME day is an additional gift provided by Cosive, is discretionary, and does not form part of your standard remuneration package.

You can get a bit more insight into how we work here. 
‍

Principal Security Consultant Job Duties

Principal Security Consultants are responsible for working closely with clients to discern what goals they wish to achieve, and then helping them achieve those goals. This requires an ability to build close relationships with our clients and to listen and understand their situation and needs. The ideal candidate is someone who has strong cyber security experience, knows how to ask good questions of a client, analyse their problem, turn that into a plan, get feedback, and execute on that plan either themselves or with others in Cosive.

Principal Security Consultants are expected to be a primary source of contact with our existing clients as well as finding new clients and business opportunities for Cosive to explore. Cosive does not have a typical sales team, but instead uses highly experienced security consultants to source work through their relationships and word of mouth. This may involve you needing to reach out to new customers that you may not have met before but may be part of your extended networks. We also offer commissions on sales for this role.

Depending on your particular experience and aptitudes, projects may involve security consulting, cyber threat intelligence, security automation, software development, software support, project management, developing technical materials, system administration, security testing, auditing or any other security related tasks. The work is challenging and varied, and will expose you to many different technologies.

For those domains you may not have experience with, you will also have chances to learn from the rest of the team to improve your skills as well as the chance to attend training when necessary. You will also have a chance to contribute your experience to improve the way that Cosive operates. 

Interactions will be between collaborating with other Cosive staff, and engaging with Cosive customers both remotely and occasionally on-site.

While not regular, there will occasionally be a requirement to attend client sites to perform work, primarily in Australia and New Zealand. Similarly there may infrequently be a need to attend company meetings at locations chosen by Cosive. There may be opportunities to attend security conferences within Australasia and internationally.

Work hours are typically Australian or New Zealand office hours of 9am-5pm, with flexible working hours available if requested. Please note, you may be required to start early or work late in order to attend a videoconference involving someone from another timezone and we expect our staff to accommodate that requirement where possible.

Your responsibilities

• Security consulting engagements with Cosive clients to help them achieve their security goals
• Technical consulting which depending on your skillset may include SecOps, CTI, security system integration design, tooling analysis, data analysis, advisory services, proof of concept development
• Strategic consulting which depending on your skillset may include operations analysis, maturity assessments, gap analysis, operational improvement recommendations, roadmap design
• Staying across developments in cyber security developments, best practices, frameworks, and tooling related to the SOC and CTI spaces
• Developing proof of concepts for new ideas, tools, and concepts
• Develop new relationships with potential Cosive clients
• Develop new business opportunities
• Write proposals and structure commercial engagements
• Technical account management with existing Cosive clients
• Help improve feature roadmap and sales of Cosive-developed products
• Help improve Cosive internal processes
• Help provide strategic advice to the Cosive board
• Provide guidance and help to other Cosive staff
• Any other tasks as required

What we expect from you

Essentials

The primary skills we need you to have.

• Strong security-focused skills involving multiple disciplines
• Extensive experience within one or more security domains, especially in the SecOps and CTI domains (others welcome too)
• Think strategically about Cosive’s direction and how new opportunities may fit into that
• High autonomy and the ability to work without supervision
• Flexible approach to tasks that may change daily
• Excellent collaboration skills using remote working technologies
• Excellent client-facing and internal communication skills
• Ability to self-educate and learn new technologies and technical concepts
• Outstanding organisational and time management skills
• Great attention to detail and multitasking skills
• Flexibility to handle changes to processes and procedures as we grow
• Proven working experience as a senior technical resource

Desirable

A list of skills that we'd like to have. Feel free to apply even if you don't have any of these skills.

• Software development / scripting skills using Typescript, Dotnet, Python
• Experience with MISP, Threat Intelligence Platforms (TIPs), SIEMS and similar technologies
• Prior experience participating in or running a cyber exercise or Tabletop Exercise (TTX)
• Training delivery experience
• Cloud and network architecture experience
• Sales and/or marketing experience
• Social media experience

What kinds of things will you be working on?

There are many possibilities but to give an idea, some of the many things we've worked on in the past at Cosive:

• Analysing our customers’ security operational practices and provide guidance on how to improve them
• Building the roadmap for various organisations' SecOps or CTI programme
• Helping to build national CTI sharing platforms using MISP and STIX/TAXII on AWS
• Helping SOC and CTI teams work out how to better use tooling and their team to get better outcomes
• Working with MITRE ATT&CK and other frameworks to bring order to the chaos of operations and network defence
• Designing, building, and supporting cloud-based MISP and AssemblyLine platforms to suit the needs of SecOps and intel teams
• Giving advice on better leveraging tooling like MISP, TIPs, and SIEMs to get improved outcomes
• Integrating security tooling together using custom designed integrations

Contact & How to Apply

Please note: due to the nature of the work that Cosive Pty Ltd is involved in, candidates will be required to complete a police check as part of the job offer process.

If you would like to apply for this role, or are interested in finding out more about this opportunity, please contact us at:

Email: info@cosive.com
Phone: +61 402 646 653 (Chris Horsley)

Applications close 6 September 2024.