As a Senior Risk / GRC Consultant your role will be heavily client facing and have a strong problem-solving focus. The successful individual will be able to work with customers to enhance their security posture whilst maintaining regular and informative communications with stakeholders.
We are looking for an individual who can work independently, already has experience in a senior security consulting role and has applied themselves to industry standards such as ISO27001, ISO22301, SACSF, Essential Eight, NIST, ITIL, BCI Good Practice.
The role is based in Adelaide, although national and international travel may potentially be required at some stage.
You will be expected to:
- Evaluate business goals, provide assessments on current capabilities, and set direction through detailed security plans.
- Demonstrate a strong knowledge of risk and compliance writing. Understanding enterprise, operational and program-level risk profile frameworks, methodologies, and approaches.
- Develop or enhance information security risk procedures, conduct workshops and awareness training.
- Provide support to the Cyber Advisory team in various internal and client projects.
- Lead audits and evaluate the effectiveness and efficiency of information security controls.
- Help clients to design and implement measures and metrics reporting.
- Lead pre-sales discussions and present confidently to clients, following up with program design and proposals.
- Identify market trends, best practices, and new solutions or opportunities for improvement that should be considered and/or applied within our projects.
Depending on your area of expertise, you may be required to provide clients pragmatic advice on topics such as:
- ISO 27001 / ISMS / ISMF / PSPF / SACSF Implementation and Management Review
- Information Security Risk Management
- Control selection – using standards such as: ISO 27001, NIST, PCI DSS as the supporting framework
- Incident Management
- Business Continuity
- Privacy and Data Protection
Qualifications
- MSC in a relevant degree is desirable but not a requirement. Experience will be more highly regarded for this position.
- Desirable Certifications:
- o ISO 27001 Lead Implementor / Lead Auditor
- o CISM / CISA / CRISC
- o CBCI / CBCP / MBCI
- o COBIT / ITIL
- o CISSP
- Memberships
- o ISACA, AISA, BCI and RMIA
Experience
- Applied knowledge and In-depth understanding various frameworks and best practices that align with current standards, good practices, and local regulations in relation to cyber security.
- Between 5-10 years relevant Senior work experience.
- MUST have experience in writing high quality reports and presentations.
As the role is based in the CBD it has excellent vehicle access and public transport access but also has flexible working arrangements that allow you to work from home when appropriate.
You will be rewarded with an attractive remuneration package commensurate with your experience, training and a career path progression plan, plus up to an additional 5 day’s study leave per annum to enable you to focus on personal development activities.
All applicants must have the right to live and work in Australia
Please note: Police checks will be performed for successful candidates.
If this sparks your interest, and aligns to your skills, we would like to know more about you, please apply via the link.
For further information about this exciting opportunity, please apply via The Project Diary.