ABOUT OUR CLIENT

Our client is an industry leader supporting people with physical, intellectual, and multiple disabilities and developmental delays to achieve their goals. One of the largest not-for-profit disability service providers in Australia, they provide valuable high-quality individualised support to the community. This is an organisation which lives and breathes its values.

ABOUT THE ROLE

Reporting to the Head of Security, this individual is responsible for developing and implementing security policies, frameworks, and governance models while working closely with external vendors responsible for the technical build. It requires a strong technical background in IT security, combined with experience in security governance and compliance.

The IT Security Consultant will play a critical role in shaping the organisation’s security posture, ensuring compliance with industry best practices and regulatory requirements. The position involves working with internal stakeholders and managed security service providers (MSSPs) to align security measures with business objectives.

KEY RESPONSIBILITIES

• Develop and implement security policies – Define and implement security frameworks, policies, and governance models to strengthen organisational security.
• Security strategy and compliance – Align security initiatives with industry standards such as ISO 27001, Essential 8, and RFFR.
• Incident response leadership – Act as the primary contact for security incidents, overseeing third-party SOC services and leading post-incident reviews.
• Risk and vulnerability management – Work with vendors to ensure effective vulnerability assessments and remediation strategies.
• Stakeholder engagement – Collaborate with IT teams, business units, and external vendors to embed security best practices across the organisation.
• Continuous improvement – Stay ahead of emerging threats, conduct security training, and recommend enhancements to security programs.

SKILLS & EXPERTISE

• Minimum five years of experience in a similar role, with a strong background in IT security.
• Technical security experience, including hands-on work with security tools such as SIEM, EDR, Zscaler, Mimecast, and Microsoft Azure Security.
• Strong understanding of security frameworks and compliance standards, including ISO 27001, Essential 8, and regulatory requirements.
• Experience managing security incidents and working with SOC teams.
• Proven ability to build security governance frameworks, develop policies, and influence stakeholders.
• Experience working with external security service providers to oversee security implementations.
• Security certifications such as CISSP, CISM, CCSP, or CEH are preferred.