We are seeking a Cyber Security GRC Consultant to join a growing advisory team delivering high impact security and compliance outcomes for clients across Australia. This is a client facing consulting role where you will work directly with stakeholders across financial services, healthcare, critical infrastructure, and government sectors to strengthen cyber resilience, enhance compliance, and manage third party risk.
This position suits a GRC professional with a few years of consulting experience who enjoys leading engagements, conducting risk assessments, and building trusted client relationships while developing their expertise under the guidance of senior consultants and practice leaders.

What you will do
• Deliver GRC and risk advisory engagements across a range of industries
• Conduct vendor risk assessments, third party security reviews, and supply chain assurance activities
• Design and implement governance frameworks aligned to ISO 27001, NIST CSF, and the Essential Eight
• Perform gap assessments, internal audits, and remediation support for ISO 27001 and related standards
• Support compliance initiatives including APRA CPS 234, the Privacy Act, and SOCI Act obligations
• Contribute to PCI DSS assessments and remediation programs (experience with PCI QSA engagements highly regarded)
• Prepare reports and presentations that translate technical risk insights into clear business outcomes
• Support cloud security reviews across AWS and Azure environments

What you will bring
• 3 to 6 years of experience in cybersecurity, risk management, or compliance focused consulting
• Proven experience conducting vendor or third party risk assessments
• Strong understanding of ISO 27001, NIST CSF, Essential Eight, and Australian regulatory frameworks
• Excellent communication and stakeholder management skills
• Bachelor’s degree in cybersecurity, information systems, or a related discipline (preferred)

Certifications (highly regarded)
• ISO 27001 Lead Auditor or Implementer
• CISA, CISM, or CRISC
• PCI DSS or QSA or hands on PCI remediation experience
• Cloud security certifications

If you are looking to join a team that values collaboration, practical solutions, and client impact, this role offers the opportunity to grow your consulting career while shaping strong cybersecurity outcomes for Australian organisations.