Governance, Risk & Compliance Consultant
Governance Risk Compliance 12.05.25
This is not a job advertisement; this is a mission advertisement.
We are not here to fill a vacant position; we are here to find those who strive for excellence, go the extra mile, and crave continuous growth.
We are a high-growth, all-Australian cybersecurity firm and we are looking for driven people to join this team.
We are looking for individuals who refuse to see a ceiling to their potential – ctrl:cyber is a place where your drive and expertise are met with equal enthusiasm and opportunity. Dive into a culture that treasures innovation and offers a growth platform that is as limitless as your ambition and work ethic.
Expect motivated and talented co-workers with high integrity, expect to be doing meaningful work, and expect to be challenged, because we are a team who always aim high.
Let’s talk about the role:
We’re continuing to grow and are looking for an experienced Governance Risk & Compliance (GRC) Consultant to join our talented GRC team. The role is office-based in Melbourne, with one day working from home per week. You’ll be primarily responsible for ensuring that our clients’ cybersecurity programs are compliant with industry standards and regulations, and that they are operating efficiently and effectively to minimise cybersecurity risks. You’ll also collaborate closely with other departments to develop and implement policies, procedures, and best practices that align with the organisation’s risk appetite, compliance requirements, and business goals.
Let’s talk about your responsibilities:
- Conduct risk assessments and audits to identify vulnerabilities and cybersecurity risks
- Develop and implement policies, procedures, and best practices for information security and compliance
- Develop and implement a cybersecurity governance framework to ensure the organisation’s cybersecurity program aligns with business goals and risk appetite
- Conduct compliance assessments to ensure the organisation is adhering to industry standards and regulations, such as ISO 27001, NIST CSF, Essential 8, PCI-DSS, Australian ISM, the Privacy Act and GDPR
- Develop and implement cybersecurity training and awareness programs for employees to promote a culture of security
- Work closely with our client’s technology teams to develop incident response plans and conduct tabletop exercises to test the plans
- Provide guidance and support to other internal security teams and other departments on cybersecurity governance
- Lead project work unsupervised and retainer work under supervision
Let’s talk about your skills:
Your previous experience has enabled you to hone your communication and collaboration skills to seamlessly interact with a variety of internal and external stakeholders throughout projects. You’ll be a highly organised, natural problem solver with the ability to manage your time easily to ensure quality outcomes are delivered on time. Your other attributes will include:
- Minimum 2 years industry experience in cybersecurity governance, risk, and compliance consulting in a similar cybersecurity role
- Experience conducting all or most of the above works, delivered to a level of quality that reflects a strong understanding of our client’s security risks and the specific actions needed to remediate them
- Experience leading complex project and retainer engagements under supervision — this role offers the chance to work with some of the best consultants in the business!
- Bachelor’s or Master’s Degree in Computer Science, Information Security, or related work experience
- Strong knowledge of cybersecurity frameworks and standards, such as NIST, ISO 27001/2, Essential 8 and CIS Controls
- Project management skills and the ability to manage multiple projects simultaneously
- Strong IT technical knowledge across environments such as networking, cloud, application layer firewalls, networking concepts, SIEM, anti-virus, EDR, anti-spam/email filtering, and data loss prevention
- Experience working with Microsoft 365, Azure, AWS
- At least 1 Industry implementation Certification: CISSP, CISM, CRISC, and/or CISA
Ignite your career, apply below.