The bar has shifted - especially with E8. Clients in critical infrastructure and regulated sectors don't want someone who can tell them what good looks like on paper. They want someone who can get into the environment, run the scripts, read the output, and have the straight conversation when things don't stack up.
...This is that role.
About the role You'll be sitting inside a well-established cyber security practice in Brisbane, working with clients across critical infrastructure and regulated sectors. The work is hands-on, technically rigorous, and multi-year - these aren't point-in-time audits. A good chunk of what you deliver will end up in front of boards and executive committees, so being able to translate technical findings into language that lands with an ARMC is just as important as knowing your way around a vulnerability scan.
What you'll be doing - Technical E8 assessments - validating controls in client environments, not reviewing documentation
- Vulnerability management assessments - running and interpreting scans across hybrid environments
- Application whitelisting validation - configuring, testing, troubleshooting in the real world
- GRC engagements across ISO 27001, NIST CSF, ISM, AESCSF, APRA CPS 234
- Security roadmaps, gap assessments, maturity reviews
- Board and ARMC reporting and presentations
- Contributing to proposals and BD activity
What you'll need - 4-5 years hands-on experience in cyber security consulting or a technical MSP environment
- Technically validated E8 controls across multiple client organisations - not managed someone else doing it
- Hands-on vulnerability management experience (Tenable, Qualys, hybrid environments)
- Application whitelisting experience (AppLocker, WDAC) - configured and validated, not just recommended
- Strong framework knowledge across E8, SO 27001, NIST, ISM, IS18
- The ability to read and interrogate script output and call it when a client's environment doesn't match what they're telling you
- Strong written and verbal communication - this work goes in front of boards
- Australian citizen or permanent resident, Brisbane based
What's on offer - Annual salary reviews
- Subsidised food & drink (some free)
- Paid parental leave inc. super for primary carers
- Corporate gym memberships and fitness program discounts
- EAP counselling for you and your immediate family
- Study support and funded professional memberships
- Structured leadership development including tech and soft skills
- Global secondment opportunities across the network
- A team that invests in careers, not just roles, genuine promotion pathways and access to international resources
To apply or find out more, call Kris on
0452 564 644 or email
kris@decipherbureau.com