Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Summary:
This is a client-facing role where you will deliver governance, risk, and compliance (GRC) engagements across a diverse set of industries. You will work directly with client stakeholders to strengthen cybersecurity posture, ensure regulatory alignment, and address key risk areas — with a particular focus on vendor risk management, security frameworks, and compliance programs.
This role is ideal for a professional with hands-on GRC consulting experience who is ready to manage projects, execute risk assessments, and contribute to account growth while working under the guidance of senior consultants and practice leaders.
Responsibilities:
Client Advisory & GRC Consulting
- Support client-facing GRC engagements across industries including financial services, healthcare, critical infrastructure, and government.
- Conduct vendor risk assessments, third-party security audits, and supply chain risk reviews, within the defined timeframes.
- Provide regular reporting and updates and manage co-ordination of vendors and along with validating their responses and ensuring the risk assessment is complete.
- Assist in designing and take ownership in implementing governance frameworks aligned to ISO 27001, NIST CSF, Essential Eight, and client-specific needs.
- Contribute to the development of cybersecurity roadmaps and risk mitigation strategies under senior consultant guidance.
Compliance & Risk Advisory
- Deliver ISO 27001 gap assessments, internal audits, and implementation support.
- Support financial services clients with compliance needs under APRA CPS 234 and related prudential standards.
- Conduct compliance assessments against Australian regulatory requirements including Privacy Act 1988 and SOCI Act obligations.
- Assist with PCI DSS assessments and remediation programs (desirable, not mandatory).
Security Program Support
- Support cloud security reviews across AWS and Azure environments.
- Assist in developing risk registers, incident response plans, and continuity frameworks in line with client business objectives.
- Prepare reports and presentations for executive stakeholders, clearly linking cyber risk insights to business outcomes.
Required Skills & Qualifications:
- Bachelor’s degree in cybersecurity, information systems, or a related field (preferred).
- 3–6 years of experience in cybersecurity, risk management, or compliance-focused consulting.
- Strong experience conducting vendor risk assessments and supplier security reviews.
- Practical knowledge of ISO 27001, NIST CSF, and Essential Eight frameworks.
- Understanding of APRA CPS 234, Privacy Act, and SOCI Act requirements.
- Ability to document and present clear, actionable recommendations to technical and non-technical stakeholders.
- Excellent written and verbal communication skills for client-facing roles.
Certifications:
- ISO 27001 Lead Auditor/Implementer (required)
- CISA/ CISM/ CRISC (preferred but not all required)
- Cloud security certifications (advantageous)
- PCI QSA or PCI DSS experience (advantageous)
Key Skills
Ranked by relevanceReady to apply?
Join StickmanCyber and take your career to the next level!
Application takes less than 5 minutes