Cyber Security GRC Consultant – Government & Regulated Environments
About the client:
Our client is a major organisation committed to strengthening ICT security and compliance across complex environments. This role is pivotal in delivering robust governance, risk, and compliance (GRC) services aligned with Australian Government standards.
About the role:
We are seeking an experienced Cyber Security GRC Consultant to develop policies, conduct risk and compliance assessments, and support the client’s security posture. You’ll work closely with stakeholders to ensure alignment with ISM, PSPF, Essential Eight, and IRAP requirements, delivering actionable recommendations and high-quality documentation.
Key Responsibilities:
• Develop, review, and deliver ICT security policies and standards aligned with compliance requirements.
• Conduct comprehensive threat and security risk assessments at agency and system levels.
• Perform compliance assessments against ISM, PSPF, and Essential Eight frameworks.
• Undertake IRAP assessments in line with Australian Government requirements.
• Provide expert advice on incident response, security architecture, and control effectiveness.
• Produce high-quality documentation, reports, and recommendations.
• Collaborate with technical teams, business units, and external stakeholders to ensure effective security governance.
Required Experience:
• Extensive experience in Cyber Security Governance, Risk, and Compliance roles, ideally within Australian Government or regulated environments.
• Strong understanding of ISM, PSPF, Essential Eight, and IRAP assessment processes.
• Proven ability to conduct security risk assessments and develop actionable recommendations.
• Excellent written and verbal communication skills for stakeholder engagement.
• Relevant certifications (IRAP Assessor, CISSP, CISM, CRISC, or equivalent) highly desirable.
• Strong analytical and problem-solving skills with attention to detail.
Other Requirements:
• Must hold (or be eligible for) Australian Government NV1 security clearance.
• Ability to work independently and as part of a multidisciplinary team.
• Commitment to continuous improvement and staying current with evolving cyber security standards and threats.
What’s on offer?
This is a contract role based in Canberra (preferred), with options in Brisbane, Sydney, Melbourne, or Adelaide. You’ll play a key role in enhancing cyber resilience and compliance in a high-impact environment.
How to Apply
Please upload your CV to apply. For direct enquiries about the role, contact Farbar Siddiq at farbars@whizdom.com.au
or 0489 922 211.
Suitable candidates will be contacted with next steps. You may be required to complete selection criteria as part of the application process.
