Job details

Location
Brisbane
Salary
AU$160000 - AU$180000 per annum plus super, bonus and benefits
Job Type
Permanent
Ref
34235_1615945570
Contact
Chelsey Costello
Contact email
Email Chelsey
Contact phone
+61 2 8248 8084
Posted
about 1 month ago

Talenza are working with an Australian Management and Technology consulting firm in Brisbane to find a Principal and Senior Consultant with extensive experience in governance, risk and compliance (GRC) and providing strategic security advice to customers.

About the Role

With increasing demand for their expertise and advisory services in the Cyber Security and Risk domain, this client is expanding their national team. As such, they are looking for a Principal Consultant with strong exposure to contemporary cyber security management and client advisory services. The role will include some business development activity combined with a delivery focus, as well as helping to grow and develop the Cyber Security and Risk practice further.

What You Will Be Responsible For:

  • Deliver high-value risk and security consulting outcomes, such as risk assessments, security plans and strategies, security policy and frameworks
  • Engage with client project teams and provide advice on areas such as cloud computing governance and risk, mobile device threats and management, third party security and identity management
  • Undertake detailed risk assessments, including liaising with and reporting to senior business and IT and executive board level management
  • Stay abreast of contemporary cybersecurity related threats and associated controls at the people, process and technology levels
  • Recommend, assess and utilise best practice, industry standard and regulatory requirements for information security, such as those prescribed by 27001, the NIST Cybersecurity framework and the Australian Government Information Security Manual (ISM) as appropriate
  • Assist on projects to provide Business Continuity and Disaster Recovery advisory services and develop organisation-wide plans and procedures to meet business requirements
  • Work across multiple client engagements in your core areas of capability and identify further consulting opportunities as part of a senior team of risk and security oriented consultants
  • Liaison with technical and solution vendors and partners on behalf of customers
  • Mentoring of others in the team and within the broader business ecosystem
  • Identification of additional staff and resources through your networks to fulfil current and emerging needs and staying connected with industry and peer group networks.

What We Are Looking For:

  • Experience in IT risk and information security management consulting, that may have included:
    • gap analysis of an organisation's current information security control environment, including people, process and technology in alignment with industry benchmarks, standards or industry accepted best practices
    • detailed risk assessment including the identification and assessment of threats and vulnerabilities, leading to prioritised risk remediation plan and roadmaps
    • security architecture considerations and advice to projects on technical security architecture
    • establishment and maintenance of an information security management system or framework and associated information security policy and standards and associated processes
    • review and assurance of third party IT service providers, such as assessing cloud solutions during the acquisition process and identifying control requirements that may be addressed through contracts and SLAs
    • development of security incident response processes, including identifying required alerting functions, escalation and response processes and associated reporting
    • technical security assurance and security testing
  • Understanding of security and risk processes in the project lifecycle and systems development methodologies
  • Providing direction to a range of technical staff and vendors in the delivery of IT solutions to deliver business outcomes
  • Successfully contributing to and participating in multidisciplinary project teams in order to achieve outcomes within time and cost limitations
  • Integrity and professionalism and the ability to act independently in making decisions to achieve project outcomes
  • Substantial experience in dealing with business and other stakeholders in providing security and risk advice across projects in a rapid solution design and development environment
  • Industry certifications such as CRISC, CISSP, CISM are desirable but in no way mandatory
  • Demonstrated analytical, written and presentation skills applicable to preparing reports, submissions and briefings regarding strategic issues
  • Experience in creating Business continuity and disaster recovery strategies, plans and procedures to meet business requirements, including conducting business impact assessments
  • Delivering consulting projects within commercial budget and time constraints while aligning with group, company and team targets and objectives

What's in it for you?

  • A remuneration package of up to $180,000 base plus a bonus of up to $35,000, a car park space, superannuation
  • Working in a successful and well-established GRC and Cyber Security consulting firm with experienced consultants of 15+ years' experience
  • Be a big fish in a small pond
  • Work across multiple sectors including government, education, health, utilities, energy, mining, etc