Security Consultants in the Federal Governance, Risk and Compliance practice provide a diverse range of services to our clients. We are currently on the lookout for talented candidates at the Consultant and Senior Consultant level with experience in delivering security governance, risk and compliance services into Australian Government agencies.

Australian Citizenship is required for the role with an NV1 AGSVA Clearance mandatory.

ACCOUNTABILITIES

• Undertake thorough system security control assessments, identifying vulnerabilities and potential risks
• Provide insightful analysis and recommendations to enhance the overall security posture
• Develop and maintain comprehensive system security artefacts, ensuring documentation accuracy and relevance
• Collaborate with stakeholders to gather necessary information for artifact creation
• Develop detailed risk treatment plans based on identified threats, outlining effective mitigation strategies
• Contribute to the development of enterprise security strategies, aligning them with overarching business objectives
• Provide expertise in tailoring security strategies to meet specific client needs and industry standards
• Engage with clients in a professional and consultative manner, understanding their unique security needs
• Effectively communicate security recommendations and strategies to clients, fostering strong client relationships
• Maintain detailed documentation, including design documentation and standard operating procedures

RESPONSIBILITIES

Working in small teams or individually, our security consultants deliver exceptional security outcomes for our clients. Typical engagements include:

• Undertaking system security control, threat and risk assessments
• Developing system security artefacts
• Developing risk treatment plans
• Developing enterprise security strategies
• Developing cyber security frameworks including policies and procedures

SKILLS & ATTRIBUTES

• Proficient in conducting system security control assessments to identify vulnerabilities and risks
• Demonstrated ability to create comprehensive system security artefacts essential for a thorough security posture
• Skilful in developing risk treatment plans to mitigate identified threats effectively
• Proven experience in developing enterprise security strategies aligned with organisational objectives
• Expertise in developing and implementing cyber security frameworks, policies, and procedures to safeguard critical assets
• Strong collaborative skills to work effectively in small teams, ensuring synergy and optimal project outcomes
• Ability to work independently, demonstrating self-reliance and initiative in delivering high-quality security solutions

EDUCATIONAL & PREVIOUS EXPERIENCE

• Relevant bachelor's degree or equivalent industry experience is highly regarded
• Minimum of 2 years' hands-on experience in delivering security governance, risk, and compliance services within a government context
• In-depth knowledge of Australian Government Information Security Manual (ISM), Protective Security Policy Framework (PSPF), ISO 27001, NIST CSF, and ASD Essential Eight
• Industry certifications such as CISSP, CISM, ISO 27001 Lead Auditor/Implementer, or IRAP are highly beneficial but not mandatory
• Excellent written and verbal communication skills, crucial for effective collaboration and client engagement

BENEFITS

• Opportunities to undertake technical training and secure industry recognised certifications
• Flexible working arrangements with a mix of remote and in-person work
• Opportunities to work with some of the best cybersecurity professionals in the region and to grow and develop your career
• Joining a team of highly skilled and multi-cultural security professionals