Security Consultant - GRC (Sydney)

8 November 2021

Role: Security Consultant
Location: Sydney
Division: Governance, Risk and Compliance

About The Role

Security Centric are looking to recruit a talented individual who has a strong background in Information Security, Cyber Security, Data Privacy, Information Risk Management and/or Cloud Security. The candidate will work with the Governance, Risk and Compliance (GRC) delivery team, reporting to the Lead GRC Consultant. The team is comprised of highly skilled and motivated security professionals, that are focused on helping organisations achieve their strategic information security objectives driven by business risk.

Experience in a similar consultancy role is desirable although not a requirement, however given this is a client facing role excellent communications skills are essential. Ideally, the candidate would have a strong technical background coupled with strategic security governance exposure to assist clients in achieving and sustaining compliance with a continuously growing regulatory framework.

Candidates should have experience or knowledge in some or all of the following areas:

  • Providing executive level strategic security advice based on compliance regulations
  • Cyber security strategy and target operating model development
  • Articulating business and IT strategic objectives / risks with information security impact
  • ISO 27001, PCI DSS and IRAP ISM certification gap analysis and remediation strategy development
  • NIST CSF and ACSC Essential Eight aligned cyber security maturity assessment and remediation strategy development
  • APRA CPS 234 Prudential Standard gap analysis and remediation strategy development
  • Implementation support in the area of information security / data privacy domains
  • Project management principles / experience
  • Candidates must be articulate in both written and verbal communication, have a demonstrable experience working in a stand-alone role (specifically customer facing) and have a strong ability to produce well written and well-presented reports / documentation.

About You

You’ll have 2 - 3 years of experience in an Information Security, IT Audit, Risk or Compliance field. You’ll be a strategic and innovative thinker with strong organisational skills and an understanding of a range of industries and sectors. Interpersonal skills are a must, with the proven ability to communicate effectively at all levels with clients and internally.

Candidates will hold or be studying towards one or some of the following certifications or equivalent:

  • Security +
  • Associate CISSP
  • CISA
  • CISM
  • CDPSE
  • Associate PCI DSS QSA
  • ISO 27001 Lead Auditor or Lead Implementor.

What We Offer

This role offers a highly competitive salary, ongoing learning and development plan for certifications and flexible working arrangements. The diversity of our customer base exposes you to varied and interesting industries including both government agencies and private sector organisations and facilitates the opportunity to learn new skills ultimately growing your skill set and enriching your career.

This role will be based in Sydney and will have a mixture of office working, home working and some travel to client sites.