Cyber Security Consultant

📌 Job Title: Cyber Security Consultant (PCI DSS/GRC)

📍 Location: Sydney, NSW (2 days in the office – Wednesdays required)

📅 Contract Length: 6 months initially, potential to extend

✅ Candidates with PCI DSS, cyber risk, and GRC experience will be highly valued

Are you an experienced Cyber Security Consultant with strong PCI DSS and cyber risk expertise? This is an opportunity to join a high-performing divisional GRC team and play a key role in uplifting security controls, improving compliance maturity, and supporting critical security initiatives across the business.

About the Role

As a Cyber Security Consultant, you will split your time between PCI DSS project work and broader cyber risk, compliance and governance activities. You’ll work closely with divisional teams, Security Architects, the DSO and key business stakeholders to review controls, perform assessments, and support the uplift of cyber security frameworks and standards across the organisation.

What You’ll Be Doing

PCI DSS Uplift

• Support the implementation and uplift of PCI DSS controls across the business

• Conduct control testing and advise on what “good” looks like for PCI compliance

• Perform design reviews, architecture assessments, and pre/post-implementation checks

• Prepare updates, evidence and reporting for quarterly PCI governance reviews

Cyber Risk & GRC Activities

• Perform cyber risk assessments and support internal audit activities

• Review, update and provide input into security policies, standards and procedures

• Manage findings, remediation actions and uplift activities across divisional teams

• Support SOCI, ISO27001 and broader regulatory compliance efforts

Stakeholder Engagement & Governance

• Partner closely with technical and business stakeholders to validate risks and controls

• Present updates clearly to leadership and governance forums

• Work collaboratively with the DSO and wider Cyber GRC teams

What You Bring

• Strong hands-on experience with PCI DSS – control testing, assessments, design reviews

• Solid background in cyber risk, GRC, compliance, or audit support

• Experience with ISO27001, NIST, SOCI or cyber assurance

• Experience assessing architecture and solution designs from a security perspective

• Excellent stakeholder engagement and communication skills

• Ability to work confidently in a hybrid environment and manage competing priorities

• Must be Sydney-based and available for onsite work weekly

Nice to Have

• Relevant certifications (CISA, CISSP, PCI ISA, CRISC, ISO Auditor)