About Excelium

Excelium Consulting is a boutique Cyber & National Security Consulting firm focused on delivering high quality cyber services for our clients.

As a 100% Australian-owned and operated company, we have become a trusted partner for federal, state and local governments, as well as private industry.

Our successful candidate will need a strong work ethic, high attention to detail, be a strong team player, be keen to learn and most of all have a good attitude.

Responsibilities and Duties:

Collaborate with both technical and non-technical stakeholders to identify, assess, and advocate for security requirements, ensuring that all aspects of system security are addressed.

Lead the development and execution of comprehensive security authorisation plans, producing key documentation such as SRMP, SSP, IRP, CMP, and risk assessments to achieve system authorisation.

Conduct thorough security assessments, risk analyses, and recommend strategies for mitigating identified vulnerabilities and threats.

Own the planning and execution of security assessment across multiple projects, ensuring that they meet compliance standards.

Develop and enforce security policies, best practices, and standards across all platforms, ensuring alignment with industry regulations and guidelines.

Perform regular security audits, vulnerability assessments to ensure compliance with relevant standards and identify areas for improvement.

Provide guidance and training to internal teams on security best practices, ensuring that employees adhere to organizational security protocols and guidelines.

Stay updated on the latest security trends and emerging risks, continuously adapting and enhancing security measures to address evolving challenges.

Required Skills and Experience

Minimum five (5) years’ experience in cyber security for government

Proven expertise in applying cybersecurity frameworks such as the Australian Government Information Security Manual (ISM), NIST or ISO 27001.

Hands-on experience in the cybersecurity domain or certifications such as CISSP, CISM, IRAP or equivalent would be advantageous. Proven expertise in Cyber GRC, including governance, risk management, compliance, and the use of GRC tools to ensure robust cybersecurity practices and regulatory adherence.

Demonstrated experience in conducting risk assessments, vulnerability management, and the implementation of security controls and mitigations.

Demonstrated application of cyber security skillset and experience developing and maintaining core security authorisation documentation such as SRMP and SSP.

A high level of analytical ability, with the capacity to manage competing priorities and deliver high-quality work within defined timelines.

MUST

Australian Citizen and willing to hold an AGSVA Clearance

NV1 clearance preferred

Canberra based