About the Company & Culture:
We’re partnering with one of Australia’s fastest-growing boutique cyber security consultancies. They’re not a product reseller. Not sales-driven. Their focus is on pragmatic, no-agenda advisory - they listen first, which is why clients trust them and return.
The culture is built on authenticity, technical depth, and meaningful relationships. It’s a high-trust, low-ego environment where autonomy is valued, and results speak louder than hierarchy. With their FY28 business plan about to be finalised, this is a long-term growth journey with significant opportunities ahead.
The Role:
We’re hiring multiple Senior GRC Consultants ready to take their careers to the next level - working on meaningful engagements that help clients strengthen their security posture with practical, results-focused solutions.
Locations: Canberra (priority), Brisbane, Melbourne, Sydney, Adelaide, Perth, Newcastle.
3 days in-office (client delivery is hands-on and high-touch).
What You’ll Be Doing
- Build strong relationships with clients and internal stakeholders.
- Lead customer workshops to capture business and cyber security requirements, informing maturity assessments, roadmaps, and strategies.
- Provide strategic cyber risk advice aligned to the client's business goals.
- Work across multiple concurrent projects, often switching gears quickly between clients.
- Deliver pragmatic, clear, and actionable recommendations across governance, risk, and compliance.
- Write and refine policies, conduct maturity assessments, and design roadmaps.
- Apply strong capability across ISO 27001, NIST CSF, Essential Eight, ISM, and IRAP.
What We’re Looking For
- Proven consultancy experience, ideally from a boutique firm, with the ability to operate autonomously.
- Highly adaptable and comfortable juggling multiple concurrent engagements.
- Strong interpersonal skills – you listen to understand, not just to respond.
- Deep knowledge of cyber risk, security frameworks, and information security management principles.
- Technical understanding of applications, infrastructure, and the environments that deliver them.
- Security clearance (NV1 or NV2) is highly regarded, particularly for federal work.
- Certifications such as SABSA, CISSP, CISM, or ISO 27001 Auditor are desired.
Why Join?
- Authentic culture: Built on trust, technical depth, and long-term client relationships.
- No micromanagement: You are trusted to deliver; leadership is there to guide, not to task-manage.
- High-performance environment: People who deliver will succeed and grow.
- Long-term vision: Be a part of the growth journey, not a short-term gig.
- Meaningful work: You’ll help clients improve their security posture in a practical, results-driven way.
- Attractive Salary Package: $170k-$250k package + bonus
If you’re a high-performing GRC consultant looking to build something meaningful (without the politics), let’s connect.
How to apply: Click apply or submit your CV to jasmine@decipherbureau.com for a 100% confidential, informal conversation where your privacy will absolutely be respected.
Decipher Bureau and the clients we partner with are committed to creating a diverse environment and are proud to be equal-opportunity employers. All qualified applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.