We're looking for a Principal Consultant, GRC to lead high-impact engagements and shape security outcomes at scale.
About CyberCX
CyberCX is Australia and New Zealand's leading cyber security services provider, trusted by private and public sector organisations to help manage cyber risk, respond to incidents, and build resilience in an increasingly complex threat landscape.
With a workforce of over 1,400 professionals, CyberCX delivers end-to-end cyber capabilities across consulting and advisory, governance, risk and compliance, incident response, penetration testing, cloud and infrastructure solutions, identity and access management, and managed security services.
The Opportunity
This is a senior advisory role for someone who thrives on complexity and influence.
As a Principal Consultant, you will:
* Lead complex cyber risk and compliance engagements across enterprise and government
* Conduct formal risk assessments aligned to ISM, PSPF, DSPF, NIST CSF, ISO 27001, CPS234 and related frameworks
* Design and oversee implementation of fit‐for‐purpose security solutions
* Produce board‐ready reports with clear, commercial recommendations
* Act as a subject matter expert and mentor within our GRC practice
* Contribute to capability uplift and thought leadership across CyberCX
You will work closely with clients to translate regulatory and framework requirements into practical, defensible security outcomes.
What We're Looking For
* Deep experience assessing and/or implementing frameworks including ISM, ISO 27001, NIST CSF, PCI DSS, PSPF, DSPF, CPS234
* Major security certification (CISM, CISA, CISSP, ISO LA/LI or similar)
* Strong consulting background – ideally within a global consulting firm or large technology organisation
* Exceptional stakeholder engagement skills with credibility at senior and executive levels
* Demonstrated ability to lead engagements and mentor junior consultants
* Australian citizenship is required
Why Join CyberCX?
* Work on nationally significant programs across enterprise and government
* Engage directly with senior leadership on complex strategic initiatives
* Be part of Australia's largest dedicated cyber security capability
* Flexible hybrid environment (Brisbane-based, not fully remote)
* Clear career progression within a growing national practice
This role is ideal for a senior GRC practitioner ready to operate at Principal level and influence both client outcomes and internal capability. Apply For Job
#J-18808-Ljbffr