Cyber Security GRC Consultant
Leidos Australia
We are a family‑friendly certified workplace that supports employees balancing family and work responsibilities. Leidos Australia delivers IT and airborne solutions across government, intelligence, defence, aviation, border protection and health markets.
About the Role
Within Leidos Central Processing (CP) Security, the Cyber Security GRC Consultant supports the governance, risk, and compliance domains within the cybersecurity program for the CP Environment. This role maintains enterprise‑wide compliance with regulatory requirements, internal policies and industry best practices, helping to mature the security posture and risk‑management capabilities of a complex strategic environment.
Key Responsibilities
* Develop, implement, and maintain cybersecurity policies and standards aligned with frameworks (e.g., NIST CSF, ISO/IEC 27001, DSPF, ISM) and prepare security assessment documentation for system authorisations.
* Conduct and support risk assessments across systems and vendors, track remediation efforts and coordinate audits to ensure compliance with regulatory and internal requirements.
* Review and assess third‑party vendors for security risks, provide mitigation strategies and support due diligence processes.
* Deliver security awareness programmes, develop targeted training and report GRC metrics and KPIs through dashboards and documentation for leadership and working groups.
* Act as a trusted advisor, mentor junior team members and identify opportunities for automation and strategic enhancements to mature the GRC function.
Qualifications & Experience
* Proven experience in GRC‑focused information security roles.
* Strong understanding of cybersecurity standards, regulations and risk frameworks, plus experience in Defence environments and the Cyber Security Assessment and Authorisation Framework.
* Excellent written and verbal communication, strong analytical and problem‑solving skills, ability to work independently to deliver outcomes.
* Certifications such as CISSP, CISA, CISM, CRISC, CGEIT, ISO 27001 Lead Implementer/Auditor or IRAP highly regarded; experience in regulated sectors (Defence, finance, healthcare, energy, government) desirable.
* Strategic thinking, risk‑based decision‑making, project management capability, regulatory acumen, and technical understanding of cybersecurity controls.
Security Clearance
This role requires the successful applicant to be an Australian Citizen and hold a NV‑1 level security clearance and ability to uplift and maintain NV‑2.
Recruitment Process
* Apply via the Leidos careers page or following the provided links.
* Virtual or face‑to‑face interview and background checks.
* Applicants may need to meet ITAR requirements; applicable for those holding dual nationality or permanent residency.
* For assistance during the application process contact
Equal Opportunity and Diversity
Leidos Australia is an equal opportunities organisation committed to creating an inclusive workplace. We welcome applications from Aboriginal and Torres Strait Islanders, culturally and linguistically diverse people, people with disabilities, veterans, neurodiverse people and people of all genders, sexualities and age groups.
Salary: A$156,000.00‑A$178,000.00 | Location: Canberra, Australian Capital Territory
#J-18808-Ljbffr