
Senior Cyber Security GRC

Canberra
Excelium
Posted: 19 December
Offer description

Senior Cyber Security GRC & Risk Assurance Consultant

At Excelium, cybersecurity and national security are more than just our focus: they are at the heart of what we do. We are modern, adaptable, and effective professionals from diverse backgrounds, united by a shared commitment to excellence. Our high‑performing teams shape regulatory frameworks, develop innovative solutions, and deliver exceptional services to government agencies, private enterprises, and critical infrastructure providers across Australia.

Mission: Counter complex cyber and national security threats, support maturity uplift, and strengthen organisational resilience nationwide.

Role Description

We are seeking an experienced Cyber Security Specialist with a strong focus on Governance, Risk and Compliance (GRC) and Risk Assurance to join our growing Advisory division.

This role is ideal for professionals with expertise in reviewing and advising on cyber practices and policies, and in designing, reviewing, and implementing secure ICT solutions within government environments. You will play a critical role in driving compliance with Australian Government security frameworks, advising on cyber risk, and contributing to the delivery of secure digital transformation programs.

Key Responsibilities
* Conduct risk assessments, control validation, and compliance reviews aligned with the Information Security Manual (ISM), Protective Security Policy Framework (PSPF), and other relevant standards.
* Develop and review core security documentation including System Security Plans (SSPs), Security Risk Management Plans (SRMPs), Statements of Applicability (SoAs), and Security Assessment Plans (SAPs) and Reports (SARs).
* Provide governance and assurance advice to ensure appropriate application of security policies and risk management principles.
* Support procurement processes by reviewing vendor security assurance, contracts, and compliance deliverables.
* Advise stakeholders on current‑state security posture, emerging risks, and strategic mitigation strategies.
* Collaborate across multidisciplinary teams—including architects, analysts, ICT professionals, and vendors—to deliver integrated, security‑conscious outcomes.
* Promote best practice in governance, risk, and compliance through knowledge sharing and mentorship.
About You
* 4 to 6 years' experience in cyber security roles focusing on GRC within complex or regulated environments.
* Strong understanding of Australian Government security frameworks, including ISM, PSPF, and ASD Essential Eight.
* Proven experience conducting risk and compliance assessments, developing security documentation, and advising on ICT system accreditation.
* Sound knowledge of cloud security controls (AWS, Azure) and contemporary cyber security practices.
* Tertiary qualifications in Cyber Security, ICT, or a related discipline, complemented by relevant industry certifications (e.g., CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor).
* Demonstrated ability to translate complex technical concepts into business‑relevant language and recommendations.
* High level of integrity, professionalism, and discretion in handling sensitive information.
* Excellent stakeholder engagement and communication skills, with the ability to influence decision‑making at senior levels.
* Proven ability to write security policies and procedures aligned to ISM and PSPF.
* Hands‑on experience implementing Essential 8 controls.
* IRAP pre‑assessment and certification/accreditation experience.
* Solid understanding of internet, application, web and network security.
Mandatory Requirements
* Australian Citizenship with AGSVA NV1 Security clearance.
* Ability to work independently or within a multi‑disciplinary team with minimal oversight.
* Strong communication skills to collaborate with teams and stakeholders.
* Critical thinking to assess security gaps and propose solutions.
This is NOT a contracting/labour hire position; it is an internal, permanent and ongoing role.
Why Join the Excelium Team?
* Competitive remuneration based on experience – we reward capability.
* Day‑one mentoring from IRAP Assessors and Security Architects.
* A collaborative, no‑ego culture that supports growth and celebrates success.
* Opportunities to work on meaningful, high‑impact projects across various industries.
* Flexible work arrangements and support for ongoing learning and professional development.
Our Commitment to Diversity

Excelium is an equal opportunity employer and is committed to creating an inclusive workplace that values and celebrates diversity. We strongly encourage applications from Aboriginal and Torres Strait Islander peoples, veterans, individuals with disabilities, and people of all cultural backgrounds.

How to Apply

Please click 'Apply' and submit your CV and a cover letter outlining your experience.

For a confidential discussion regarding your application, please reach out to our Talent Acquisition Coordinator at – let's explore how your expertise can contribute to building a more secure and resilient Australia.


Seniority level

Mid‑Senior level


Employment type

Full‑time


Job function

Information Technology


Industries

IT Services and IT Consulting
