Careers at Cosive

Principal Security Consultant (Remote)‍

2025-04-16

Job brief

Cosive is looking for a Principal Security Consultant to provide cybersecurity consulting services in the SOC, CTI, and engineering spaces, be a technical SME, and uplift our clients in their adoption of Cosive’s in-house developed cloud security services. We are proud of the depth in capability of our consultants, and are seeking a candidate with considerable industry expertise to lead conversations about best practice for our local and growing global customers.

About Cosive

What we do

Cosive is a specialist consultancy for security operations (SecOps) and cyber threat intelligence (CTI). We offer consultancy services, perform custom software development, run training courses, resell products we believe in, and notably we develop our own service offerings: CloudMISP, MalwareZoo, and Antifraud. 

Cosive was founded 10 years ago with the mission of supporting SOC and CTI teams. Our customers tend to be larger organisations, including ASX 200 companies, with dedicated security teams that we interact with. We have worked with organisations in Australia, New Zealand, Europe, US and Asia. We have extensive experience with the financial industry, telecommunications, universities, governments, resourcing and mining, retail and more.

We are looking to expand our team in order to expand the service capacity we can offer for our customers. We seek an experienced practitioner in SecOps and/or CTI who is an expert at sourcing, shaping, and delivering technical and strategic engagements. 

Our approach

We operate as a trusted partner with our clients, working together to help them improve their security posture over time. We build close relationships and often work with them over multiple engagements over multiple years. Honesty, integrity, and trust are core values of our business.

We are a fully virtual company, with all staff working remotely from premises of their choosing. We are all primarily based in Australia and New Zealand. All communications are carried out via Slack, email, and videoconferencing. 

We often deal with international companies. This fact means that sometimes you may be required to start early or work late in order to attend a meeting involving someone from another timezone. This is one of the reasons we have a flexible working policy for staff to enable them to build their work schedule around their own lifestyle.

Cosive’s value stems from our people and their talent. We have a staff-first approach to workloads and the engagements we take on and we respect that each of the members of our team are experienced, capable professionals with a life outside of work. We don’t clock-watch or micromanage our team; we rely on everyone’s ability to work autonomously and collaborate when necessary to achieve good outcomes.

We know that cybersecurity is an intensive profession and stress can impact us all in different ways. We care about the wellbeing of our staff and demonstrate this through our actions, not just our words. This is why for the last few years, we've been giving each staff member an extra day of leave each month to use for their mental health. We call this the Cosive ME day. Please note the Cosive ME day is an additional gift provided by Cosive, is discretionary, and does not form part of your standard remuneration package.

You can get a bit more insight into how we work here. 

Principal Security Consultant Job Duties

Principal Security Consultants are responsible for working closely with clients to discern what goals they wish to achieve, and then delivering to help them achieve those goals. This requires an ability to build close relationships with our clients and to listen and understand their situation and needs, as well as having strong technical skills and strategic insights. The ideal candidate is someone who has strong cyber security experience, knows how to ask good questions of a client, analyse their problem, turn that into a plan, get feedback, and execute on that plan either themselves or with others in Cosive.

Principal Security Consultants are expected to discover and lead new engagement opportunities for Cosive, often through their existing networks, maintain relationships with existing clients as well as provide consultancy to deliver the project outcomes themselves. Cosive does not have a typical sales team, but instead uses highly experienced security consultants to source work through their relationships and word of mouth. This may involve you needing to reach out to new customers that you may not have met before but may be part of your extended networks.  We offer commissions on any sales you make.

Depending on your particular experience and aptitudes, projects may involve security operations consulting, cyber threat intelligence, security automation, software development, software support, project management, developing technical materials, system administration, tabletop exercises, security testing, auditing or any other security related tasks. The work is challenging and varied, and will expose you to many different technologies. You will also have a chance to contribute your experience to improve the way that Cosive operates. 

Our ideal candidate will be adept at engaging with stakeholders at all levels, both internally and externally. Internal engagement will be collaborating with other Cosive staff or board members in tactical, operational and strategic conversations. External engagement can be both at the CISO level as well as working with deep technical experts to add value to their operations.  External networks and engagement skills are also important with peers and industry to demonstrate thought leadership and support to the wider industry. 

While not regular, there will occasionally be a requirement to attend client sites to perform work, primarily in Australia and New Zealand. Similarly there may infrequently be a need to attend company meetings at locations chosen by Cosive. There may be opportunities to attend security conferences within Australasia and internationally. 

Work hours are typically Australian or New Zealand office hours of 9am-5pm, with flexible working hours available if requested. Please note, you may be required to start early or work late in order to attend a videoconference involving someone from another timezone and we expect our staff to accommodate that requirement where possible.

Your responsibilities

• Security consulting engagements with Cosive clients to help them achieve their security goals
• Technical consulting which may include SecOps, CTI, security system integration design, tooling analysis, data analysis, advisory services, proof of concept development
• Strategic consulting which may include operations analysis, maturity assessments, gap analysis, operational improvement recommendations, roadmap design
• Staying across developments in cyber security developments, best practices, frameworks, and tooling related to the SOC and CTI spaces
• Developing proof of concepts for new ideas, tools, and concepts
• Keeping abreast of developments  in automation, large language models, artificial intelligence and data visualisation as they relate to cyber
• Curate relationships with potential Cosive clients
• Develop new business opportunities and markets
• Write proposals and structure commercial engagements
• Technical account management with existing Cosive clients
• Provide input to the feature roadmap and sales of Cosive-developed products
• Bring new ideas to Cosive internal processes
• Act as a strategic advisor to the Cosive board
• Provide guidance and help to other Cosive staff
• Any other tasks as required

What sorts of things will you work on?

• Helping an organisation form a CTI capability gap analysis and roadmap
• Assessing an organisation’s SOC maturity and practices and helping them improve their tooling and processes
• Developing proof of concept software and integrations
• Knowing the ins and outs of tooling to help organisations get practical outcomes from MISP and other threat intelligence platforms and tools
• Staying on top of developments in the SOC and CTI spaces for tooling, best practices, taxonomies, and new programmes
• Engaging with your peers all across industry in discussion groups and conferences
• Designing integrations between SOC and CTI systems
• Scoping and leading engagements with our customers

What we expect from you

Essentials

The primary skills we need you to have.

• Extensive experience within one or more security domains, especially in the SecOps and CTI domains (others welcome too)
• Demonstrated track record of working with customers in technical and strategic engagements
• Ability to think strategically about an organisations direction and how new opportunities may fit into that
• High autonomy and the ability to work without supervision
• Excellent collaboration skills using remote working technologies
• Excellent client-facing and internal communication skills
• Ability to self-educate and learn new technologies and technical concepts
• Great attention to detail and multitasking skills
• Flexibility to handle changes to processes and procedures as we grow

Desirable

A list of skills that we'd like to have. Feel free to apply even if you don't have any of these skills.

• Experience with MISP, Threat Intelligence Platforms (TIPs), SIEMs and similar technologies
• Cloud and network architecture experience
• Software development / scripting skills using Typescript, Dotnet, Python
• Prior experience participating in or running a cyber exercise or Tabletop Exercise (TTX)
• Training delivery experience
• Interest in AI and LLM for operational usage in cyber teams
• Sales and/or marketing experience
• Social media experience

Contact

If you would like to apply for this role, or are interested in finding out more about this opportunity, please contact us at:

Email: jobs@cosive.com
Phone: +61 402 646 654 (Chris Horsley)

Applications close at 5pm 7 May 2025 Australian Eastern Standard Time.

‍