About the Role
As a Senior Consultant within BDO’s Cyber Security Practice, you will play an important role in the delivery of Governance, Risk, and Compliance (GRC) and Essential Eight (E8) engagements. This individual contributor role is ideal for cyber professionals who have an excellent understanding of GRC, E8 and Cyber Security best practices and are looking to work within a supportive, highly functioning team while taking their career to the next level. You will be working on interesting GRC and E8 engagements, helping a range of clients develop and manage robust, technically sound frameworks that align with both business objectives and regulatory requirements. You will play an important part in the team by providing a comprehensive range of GRC and E8 services, including risk assessments, compliance audits, policy development, third‑party risk management, E8 audits and enabling the implementation of security controls.

Key Duties and Responsibilities
Deliver GRC and E8 related projects under the guidance of our GRC leadership team
Work closely with an engagement manager to deliver GRC related services, covering: ISMS/ISO27001 implementations and gap assessments; E8 assessments and maturity reviews; security strategy, maturity assessments and roadmaps; cyber security health checks against better practice standards (e.g. ISO27001, E8, NIST CSF, ACSC Essential 8, APRA CPS 234, AESCSF, etc.); threat risk assessments across Cloud Service, Business Applications, IoT/OT functions
Work with other service lines to ensure holistic and fit‑for‑purpose cyber security outcomes
Support Directors and Partners with client business development activities such as drafting of proposals and engagement letters
Be active within the cyber security industry and community to stay on top of latest technical security industry trends and build out your network

Skills / Attributes required
Strong knowledge and demonstrable experience of cyber security industry standards (e.g. ISO27001, NIST CSF, etc.)
Strong knowledge and demonstrable experience of implementing or assessing compliance with E8
Understanding of threat risk assessment concepts (IT, IoT, SCADA, Cloud)
Experience with explaining cyber security concepts to a technical and non‑technical audience
Advisory / consulting experience – either to external clients or internal teams
Involvement in the cyber security community
Anticipates needs and takes initiative without prompting
Seeks feedback, learns quickly, and applies insights to improve results
Delivers high‑quality work with strong attention to detail and accuracy
Prioritises effectively, plans work and meets deadlines consistently

Qualifications and Experience Required
3+ years professional experience working in a related cyber security discipline
Verifiable experience working with one or more relevant security frameworks, standards, or technical regulations (e.g. ISO27001, NIST, PCI‑DSS, AESCSF)
Verifiable experience working with Essential 8 controls
Familiarity with risk management and compliance tools and security technologies (e.g. firewalls, IDS/IPS, cloud platforms)
A tertiary qualification in information technology, computer science, cyber security, or a related field is highly desirable (but not mandatory)
Experience in a professional services environment is highly desirable (but not mandatory)

Benefits
Opportunity to work on interesting client engagements across diverse industry sectors and services
A supportive, highly functioning team with access to Partners and professional mentors
Health and wellbeing benefits, social, financial, and professional development benefits
Participation in fitness challenges, corporate health insurance discounts, gym memberships and wellness facilities via BWell program
Access to travel perks, retail discounts, employee referral rewards, study and professional development support
Leave options with enhanced family support, cultural and religious leave, and purchase of additional leave
Community initiative involvement via BCaring program
On‑the‑job training and formal development programs to help you succeed and develop your skills and experience
Recognition as an Inclusive Employer for 2025‑2026 by the Diversity Council of Australia and a 2024‑2025 Employer of Choice for Gender Equality by the Workplace Gender Equality Agency (WGEA)
Commitment to inclusive and accessible recruitment practices

EEO Statement
BDO is committed to inclusive and accessible recruitment practices. If you require any reasonable adjustments to support your application or interview process, please let us know.