Mercury Information Security Services

Mercury Information Security Services

Speciality: Penetration Testing and Red Team Exercises

Sydney, Australia 15 employees
Visit Website View on LinkedIn
[01] About

Cybersecurity company specializing in penetration testing and security assessments; 11 employees; Founded 2015; Sydney, Australia; Offers internal, external, web, mobile, Wi-Fi, and other pentest services.

Our mission is to provide organisations with a comprehensive, world class range of customised information security services and advice which will enable them to secure and protect all aspects of their IT infrastructure. Founded in 2015, Mercury seeks to provide sound and independent expertise across an array of technical security domains. It achieves this by synchronising and customising our services to meet our clients business requirements and engaging with them as trusted advisors, providing constructive and pragmatic security advice.
[02] Services
Provides Comprehensive Cybersecurity Services Including Architecture
Assurance
Governance
Research
Penetration Testing
Red Team Operations
Cloud Security Assessments
IRAP Assessment Support.
[03] Certifications
CISA

CISA Certification Overview


Origin and History


The Certified Information Systems Auditor (CISA) certification was created by ISACA (Information Systems Audit and Control Association) in 1978. ISACA developed this credential in response to the growing need for standardized expertise in auditing, controlling, and securing information systems. As one of the oldest IT audit and security certifications available, CISA was designed to validate the knowledge and skills of professionals responsible for assessing an organization's IT and business systems vulnerabilities and implementing appropriate controls.


Industry Value and Importance


CISA is highly valued in the industry because it demonstrates a professional's ability to assess risk, implement controls, and ensure compliance with regulatory requirements. The certification is globally recognized and often required or preferred for roles in IT audit, cybersecurity, risk management, and compliance positions. Many organizations, particularly financial institutions, government agencies, and publicly traded companies, specifically seek CISA-certified professionals to meet internal audit requirements and regulatory obligations. The credential's emphasis on both technical knowledge and practical application makes it particularly relevant for professionals who need to bridge the gap between IT operations and business governance.
CISSP

CISSP Certification Overview


Origin


The Certified Information Systems Security Professional (CISSP) was created by the International Information System Security Certification Consortium, commonly known as (ISC)², in 1994. The certification was developed in response to the growing need for a standardized, vendor-neutral credential that could validate the expertise of information security professionals. (ISC)² designed the CISSP to establish a common body of knowledge for the cybersecurity field and provide a benchmark for measuring professional competence in information security.


Industry Value


The CISSP is widely regarded as one of the most prestigious and recognized certifications in cybersecurity, often required or preferred for senior-level security positions. Its value stems from its comprehensive coverage of eight security domains, including security operations, asset security, and security architecture, which demonstrates a candidate's broad expertise across the entire security landscape. The certification is accredited to ISO/IEC Standard 17024 and meets U.S. Department of Defense Directive 8570 requirements, making it particularly valuable for government contractors and enterprise organizations. Employers value CISSP-certified professionals because the rigorous examination process and experience requirements (minimum five years) ensure holders possess both theoretical knowledge and practical experience in managing and implementing security programs.
CREST

CREST Cybersecurity Certification


Origin


CREST (Council of Registered Ethical Security Testers) was established in 2006 in the United Kingdom by a group of cybersecurity professionals and industry representatives. It was created to address the growing need for standardized, recognized qualifications in penetration testing and cybersecurity services. The organization emerged from concerns about the quality and professionalism of security testing services, aiming to provide a framework that would certify both individual practitioners and the companies that employ them.


Industry Value


CREST certifications are highly valued in the cybersecurity industry because they demonstrate a practitioner's technical competence and adherence to professional ethical standards. Many government agencies, financial institutions, and large corporations specifically require CREST-certified professionals when procuring penetration testing or security assessment services. The certification provides assurance to employers and clients that certified individuals have been independently verified to possess the necessary skills and knowledge, and that they follow established codes of conduct. This makes CREST credentials particularly important for cybersecurity professionals working in regulated industries or seeking to work with organizations that have stringent security requirements.

Offensive Security Exploitation Professional
Offensive Security Exploitation Expert
Offensive Security Certified Expert
Australian Institute Of Company Directors
Offensive Security Web Expert
Offensive Security Certified Professional