Cybersecurity GRC ConsultantTrack This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Triskele Labs are one of the leading providers of cybersecurity services in Australia. We assist clients to reduce their risk of a cyber compromise through the delivery of risk-considered controls.
Triskele Labs are one of the last remaining boutiques in Australia. We are currently the largest CREST Registered Penetration Testing company in Melbourne and one of the only boutiques to run a 24x7x365 Security Operations Team completely onshore.
Are you looking to work in cybersecurity consulting where real impact matters more than ticking boxes? Triskele Labs is seeking a Cybersecurity GRC Consultant to join our growing Advisory team in Melbourne.
In this hybrid client-facing role, you’ll work across industries to deliver clear, practical security assessments that help organisations meaningfully reduce risk. You’ll support implementation and uplift efforts aligned to frameworks like ISO 27001, NIST CSF, and the Essential Eight, working closely with both technical and non-technical stakeholders to drive change where it matters most.
We’re looking for someone who brings both security expertise and a questioning mindset — someone who is comfortable challenging assumptions, validating controls, and helping our clients cut through complexity. You’ll also have the opportunity to collaborate with other internal teams across offensive security, DFIR, and detection and response.
If you want to grow your GRC career in a role where the work is valued, varied, and grounded in the real world, this could be the perfect fit.
Requirements
Key Responsibilities
Required
Reports to: Senior GRC Consultant
Works with: Advisory team, technical practices, and clients
Benefits
Team culture is everything to Triskele Labs and it is the reason we exist. We are a forward-thinking company and always looking for ways to boost our team culture to ensure we are a destination employer. We continually undertake surveys to seek feedback from our team on ways we can improve our work environment and team member experience at Triskele Labs.
We provide our team a great range of additional benefits such as:
At Triskele Labs, we value initiative and attention to detail—so please include a cover letter addressed to Rob Barry, Chief Operating Officer, with your application. Applications without a cover letter will not be progressed.
Working Arrangements
The role is full time, Monday to Friday in our Collins St Melbourne office, with hybrid working arrangements: two days in-office, three days remote (client needs may vary). Occasional interstate travel may be required.
Triskele Labs are one of the last remaining boutiques in Australia. We are currently the largest CREST Registered Penetration Testing company in Melbourne and one of the only boutiques to run a 24x7x365 Security Operations Team completely onshore.
Are you looking to work in cybersecurity consulting where real impact matters more than ticking boxes? Triskele Labs is seeking a Cybersecurity GRC Consultant to join our growing Advisory team in Melbourne.
In this hybrid client-facing role, you’ll work across industries to deliver clear, practical security assessments that help organisations meaningfully reduce risk. You’ll support implementation and uplift efforts aligned to frameworks like ISO 27001, NIST CSF, and the Essential Eight, working closely with both technical and non-technical stakeholders to drive change where it matters most.
We’re looking for someone who brings both security expertise and a questioning mindset — someone who is comfortable challenging assumptions, validating controls, and helping our clients cut through complexity. You’ll also have the opportunity to collaborate with other internal teams across offensive security, DFIR, and detection and response.
If you want to grow your GRC career in a role where the work is valued, varied, and grounded in the real world, this could be the perfect fit.
Requirements
Key Responsibilities
- Conduct cybersecurity risk assessments aligned to ISO 27001, NIST CSF, Essential Eight and related frameworks
- Perform gap assessments and control maturity reviews for regulatory, compliance, and best-practice purposes
- Support the development and implementation of Information Security Management Systems (ISMS)
- Create board and executive-level reporting to communicate cyber risks and prioritise remediation
- Facilitate workshops and lead conversations with stakeholders across technical and business functions
- Work closely with internal experts in SOC, red teaming, and DFIR to ground recommendations in operational realities
- Build lasting relationships with clients and support them throughout their cyber maturity journey
- 2–4 years of experience in cybersecurity GRC, ideally across multiple sectors or clients
- Practical knowledge of ISO 27001, NIST CSF, and Essential Eight
- Experience conducting risk assessments and drafting core security documentation (e.g., risk registers, policies, reports)
- Strong communication and engagement skills with business and technical audiences
- A proactive, consultative approach to understanding and validating control environments
- Technical awareness of security operations and engineering concepts
- Willingness to learn, take initiative, and own deliverables in a collaborative team setting
Required
- ISO 27001 Lead Implementor or Auditor
- One or more of the following: CISSP, CISM, CISA (or working towards)
- SABSA or CRISC
- ITIL Foundations
- Additional governance or cloud-related security certifications
- Excellent written and verbal communication
- Strong attention to detail and structured thinking
- Ability to balance autonomy with teamwork in a fast-paced environment
- A genuine interest in helping organisations improve their security maturity
- Client-first mindset with professional integrity
- Timely, high-quality delivery of client engagements
- Positive stakeholder feedback and repeat client engagements
- Development and contribution to internal documentation and toolkits
- 75–80% billable utilisation
- Active engagement in professional development
Reports to: Senior GRC Consultant
Works with: Advisory team, technical practices, and clients
Benefits
Team culture is everything to Triskele Labs and it is the reason we exist. We are a forward-thinking company and always looking for ways to boost our team culture to ensure we are a destination employer. We continually undertake surveys to seek feedback from our team on ways we can improve our work environment and team member experience at Triskele Labs.
We provide our team a great range of additional benefits such as:
- Hybrid Flexibility: Work two days per week from our Melbourne CBD office, and remotely the rest of the week (subject to client needs)
- Varied Client Engagements: Collaborate with organisations of all sizes, across industries and maturity levels
- Career Development: Access ongoing mentorship, structured training pathways, and certification support
- Real-World Cybersecurity Exposure: Collaborate with our internal red team, SOC, and incident response units to deepen your practical understanding
- People & Culture: Participate in team events, offsites, and connection initiatives run by our dedicated People & Culture team
At Triskele Labs, we value initiative and attention to detail—so please include a cover letter addressed to Rob Barry, Chief Operating Officer, with your application. Applications without a cover letter will not be progressed.
Working Arrangements
The role is full time, Monday to Friday in our Collins St Melbourne office, with hybrid working arrangements: two days in-office, three days remote (client needs may vary). Occasional interstate travel may be required.
Ready to apply?
Join Triskele Labs and take your career to the next level!
Application takes less than 5 minutes
Post Date
2025-07-09
Job Type
REMOTE
Employment type
Full-time
Category
Information Technology
Level
Mid-Senior
Country
Australia
Industry
ComputerNetwork Security ,
*******