High-impact role for a GRC specialist to help a business through periods of uplift.
The environment is complex, regulated, and under real scrutiny. This contract is about lifting control maturity and working through various uplift changes.
You’ll join an established cyber security function that needs pragmatic GRC capability to define, test and improve security controls across a large technology landscape. Policies exist. Frameworks exist. What’s needed is someone who can make them land, with credibility.
Contract Info:
This is a potentially long-term engagement which will likely start with 6 months, with a view to extensions, budget permitting. It’s a tight-knit team with a good working culture and lots of new work in the pipeline.
The role requires 2 – 3 days onsite, with flexibility. Sydney applicants only.
Daily rates up to $1100 inc super.
Key Focus:
- Design and deliver a practical cyber security compliance framework aligned to internal policy and external standards (PCI-DSS, NIST, CIS)
- Assess and test the effectiveness of security controls across technology platforms and services
- Identify control gaps, assess risk exposure, and drive remediation with technology and business teams
- Shape and improve security policies, standards, and supporting processes
- Maintain clear visibility of compliance status, issues, and remediation through concise reporting and governance forums
Experience Required:
- 5+ years’ experience in cyber security with a strong focus on governance, risk and compliance
- Hands-on experience with control testing and remediation in large, complex environments
- Proven exposure to recognised security frameworks (NIST, CIS, PCI-DSS)
- Strong stakeholder engagement skills, with the ability to influence without authority
- Ability to operate independently, apply sound judgement, and work pragmatically in ambiguous environments
The client would prefer somebody to start in January, but can be flexible within reason.
For more information – cwhyte@decipherbureau.com