Are you a Mid-Level GRC Specialist who has a passion for Line 2 cyber risk? Are you looking to take that next step in your career and learn to mitigate cyber risks on a larger enterprise level? Do you have a consulting background but also understand complex enterprise environments? Then this could be the right role for you.
Before you read on to understand the technical responsibilities of this role, here are some of the benefits you'll receive in this permanent role.
- You'll be given the flexibility of hybrid working arrangements offering 2 days from home and 3 in the office per week
- You'll be eligible for the yearly bonus, which comes down to a combination of individual and business performance and usually sits around 20% (total package)
- You'll be able to take full advantage of discounts on many key brands in the Australian market
- You'll have access to discounted health insurance through one of their many groups
What are going to be your main responsibilities in this role, and what will your day to day look like?
This ASX-listed organisation has seen considerable growth and investment in their cyber and risk team over the years, with lots of new initiatives in the GRC space that need to be delivered, specifically defining group-wide cyber principles.
You will be across a number of accountabilities, including supporting security risk assessments and analysis. You will also be supporting divisions through risk reporting, thereby improving consistency and transparency.
Based in either Melbourne, Perth or Sydney, you will be consulting with stakeholders across the group, and from a Line 2 perspective you will be providing governance, risk and oversight.
- Undertake and report on any vendor due diligence and risk assessments
- Measure, analyse, and report on the overall cybersecurity posture, including risk profiles, trends, and maturity targets.
- Support risk and metrics analysis across the organisation, with a focus on automation and process improvements. Gather and consolidate risk data across divisions.
- Assist in developing and assessing cybersecurity controls and divisional reporting.
- Stay informed on the latest cybersecurity threats, regulations, and risk developments to ensure proactive response and innovation.
What do we want to see from your experience?
- Minimum of 4 years' experience in similar roles (Consulting/Enterprise Risk)
- Solid experience in conducting cyber risk assessments and reporting findings
- Previous experience in cyber reporting in a Big 4 or financial services is a plus
- You will have working knowledge of IT governance, cyber risk management frameworks and methodologies, including NIST CSF, ISO 27001 or the FAIR framework
- Industry Certification: ISO 27001, FAIR Foundation, CISA, CRISC, CGEIT, ITIL, COBIT or other Cyber and IT Risk and Compliance related certifications (PCI DSS etc.).
Please reach out to me on jreid@decipherbureau.com or call me on 0460926645 for a further discussion.
Decipher Bureau and the clients we partner with are committed to creating a diverse environment and are proud to be equal opportunity employers. All qualified applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.