Job Details

Principal Consultant - GRC

CyberCX
About the company

CyberCX has united Australia and New Zealand’s most trusted cyber security companies to deliver the most comprehensive end-to-end cyber security services offering to enterprises and governments. With a workforce of over 1300 cyber security professionals and a footprint of over 14 offices across Australia and New Zealand and global presence in the UK and the US, CyberCX offers a full suite of cyber security services.

About the role
As a Principal Consultant, you will be critical to the ongoing development and delivery of CyberCX’s advisory capabilities. You will work across a range of different teams and clients, balancing conflicting priorities while maintaining a focus on quality delivery and keeping clients as our first thought.

The role itself focuses on formal risk assessments against frameworks, recommendations on the design of technical solutions, oversight of implementation with a focus on quality, and the development of contemporary policies and practices for CyberCX and our clients.

The Principal Consultant – GRC is also responsible for undertaking highly complex and sizable information security consultancy projects and providing security expertise to customers and others in their team. As a subject matter expert, their extensive experience in their discipline allows them to do this and to provide guidance and mentoring to others in GRC or in other Functions or Practices.

Duties
  • Work with our customer base to assist them in identifying and effectively managing cyber security risk.
  • Lead highly complex and sizable cyber security projects aligned with the service catalogue.
  • Prepare and present high-quality reports detailing security issues, making recommendations, and identifying solutions.
  • Recommend, assess, and utilise best practice, industry standards and regulatory requirements for information security, such as those prescribed by ISO 27001, PCI-DSS, the NIST Cybersecurity Framework and the Australian Government Information Security Manual (ISM), as appropriate.
Skills & experience
  • Experience in assessing and/or implementing security and risk standards including ISM, E8, DSPF, PSPF, NIST CSF, ISO 27001-2, PCI DSS, ITIL, COBIT, AS/NZS 4360, CPS234.
  • At least one major security certification (CISM, CISA, CISSP, ISO LA/LI)
  • Minimum of 6 years of experience dealing with a diverse range of information / cyber security projects and challenges, preferably over several industry domains.
  • Exceptional stakeholder engagement and communication skills with an ability to build credibility with senior management and internal working teams.
  • Demonstrable client-based consulting experience performing assessments of cybersecurity capabilities (threats, risks, controls, etc.)
Benefits
  • Flexible hybrid working environment (a blend of office and WFH)
  • Corporate discounts on a huge variety of retail stores through our partners
  • Ability to deepen your experience and skills in line with CyberCX's specialisation as Australia's leading cyber security provider.
  • Opportunities to engage directly with and support senior leadership on significant work and contribute to the thought leadership of CyberCX.
Please note, due to the nature of this role, it is a mandatory requirement that all applicants are Australian citizens or Permanent Residents. Only Sydney based applicants will be considered for this role (flexible hybrid working environment; a blend of office and WFH - not remote).

Job Overview

  • Published On: 2023-11-12
  • Job Type: Full time
  • Experience: No restriction
  • Qualifications: No restriction
  • Job Location: Sydney NSW
  • Gender: No restriction
  • Salary Type: No restriction
  • Salary: Negotiable
