Job Summary:
We are seeking a skilled Cybersecurity GRC Consultant to join our advisory team in Melbourne. The ideal candidate will have experience in conducting cybersecurity risk assessments and implementing Information Security Management Systems (ISMS).
Main Responsibilities:
- Conduct comprehensive risk assessments aligned to industry frameworks such as ISO 27001, NIST CSF, and the Essential Eight.
- Perform gap assessments and control maturity reviews for regulatory, compliance, and best-practice purposes.
- Develop and implement effective ISMS solutions that meet client needs.
- Communicate complex technical information to stakeholders at all levels of an organisation.
Key Skills and Qualifications:
- Minimum 2-4 years of experience in cybersecurity GRC, preferably across multiple sectors or clients.
- Strong knowledge of industry frameworks, including ISO 27001, NIST CSF, and the Essential Eight.
- Proven ability to conduct thorough risk assessments and draft core security documentation.
- Excellent communication and engagement skills with business and technical audiences.
Desirable Certifications:
- ISO 27001 Lead Implementer or Auditor certification is highly desirable.
- One or more of the following certifications: CISSP, CISM, CISA (or working towards).
Benefits and Working Arrangements:
- A collaborative and supportive work environment with opportunities for growth and development.
- Flexible working arrangements, including two days in-office and three days remote (subject to client needs).
- Occasional interstate travel may be required.
About the Role:
This is a full-time position, Monday to Friday in our Collins St Melbourne office. As a Cybersecurity GRC Consultant, you will play a critical role in helping organisations improve their cyber maturity and reduce risk. If you have a passion for cybersecurity and a strong desire to make a real impact, we encourage you to apply.