IT & Telecomms, IT Security

Job Purpose:
  
A career building opportunity has become available for a Junior-Mid Level GRC Consultant to join a fast-growing and reputable consulting start-up on the Gold Coast.
  
In this role you will be responsible for supporting the Practice Manager to deliver the GRC programme and contribute to the enhancement and further development of the programme. There will be a strong focus on clients seeking accreditation towards regulatory compliance, so it is essential that you have a good understanding of Information Security/Cybersecurity risks, standards, and challenges faced by businesses.
    
You will do very well in this role if you are consultative in nature, show initiative, have problem-solving aptitude and are capable of taking on projects and challenges head on. And, if you are never satisfied with the status quo and are enthusiasm to be a part of a growing company where you can be part of the success, then this role is definitely for you!
  
Main Responsibilities:

  • Work in small teams to deliver security implementations or remediation programmes
  • Provide consistent documentation, project, and process support to management
  • Work collaboratively with clients, to deliver non-intrusive, non-technical Cyber Resilience Assessments of their business
  • Assess the maturity and effectiveness of the clients’ IS/Cybersecurity posture
  • Drive the development and maintenance of new and existing policy documentation that aligns with international security, privacy and industry standards and regulations
  • Contribute to the preparation and project delivery of accreditation projects for the organizations’ service offerings – ISO 27001, GDRP and PCI DSS
  • Contribute to the maturation of the company’s’ IS program
  • Write reports and papers as needed to communicate the effectiveness and maturity of the organizations’ policy, management, controls and assurance frameworks
  • Contributing to the creation of proposals and marketing material 
  • Identify additional opportunities where the organisation may offer further services to the client to strengthening their Information Security posture  

Key Skills Required:  

  • 1-4 years’ of experience within a GRC role
  • Bachelor’s Degree in Computer Technology or Business
  • Certifications such as ISO27001 lead implementer or auditor
  • Experience working within a client facing role would be an asset
  • Demonstrable experience in InfoSec strategy, assessment, designing and implementing security strategy, governance frameworks over processes, controls, organisation and infrastructure to management cybersecurity 
  • Ability to design and implement security policies, procedures, standards and controls in line with regulation and/or current standards (i.e. ISO27001, NIST, SANS etc.) 
  • Ability to effectively handle a wide range of stakeholders and report accurately
  • A solid understanding of IT, networking and infrastructure designs

  What’s in it for you?  

  • Work for a reputable and fast-growing start-up
  • Sunny Gold Coast Location
  • Flexibility to work from the office and from home
  • Career progression
  • Professional training available
  • Supportive team environment