Security GRC Consultant

  • Australia
  • Sydney
  • Permanent
  • Negotiable

Permanent Opportunity
Salary: $80,000 – $110,000 inclusive of superannuation
Location: onsite 5 days per week
Security Clearance: must hold current NV1 clearance

About the Opportunity

Our client is a leading global consultancy with deep capabilities across digital, cloud, security and transformation services. With a strong presence in the Australian market and a broad portfolio of government and enterprise engagements, they partner with organisations to deliver complex, high impact programs in secure and regulated environments.

Due to continued growth within their public sector practice, they are seeking a Security Assessment & Authorisation Consultant to join on a permanent basis. This role is ideal for a security professional experienced in risk management, accreditation and compliance within Australian Government frameworks.

Please note, candidates must hold current NV1 security clearance to be considered.

About the Role

As a Security Assessment & Authorisation Consultant, you will perform security risk management and assurance activities across systems, applications and third party services. You will ensure systems meet required security standards, risks are assessed and documented appropriately, and Authority to Operate (ATO) is obtained and maintained in line with government requirements.

You will work closely with system owners, architects, delivery teams, cyber specialists and compliance stakeholders to guide initiatives through the A&A lifecycle and ensure alignment with Australian Government frameworks and internal governance standards.

Key Responsibilities

Security risk management

* Conduct risk assessments to identify, analyse and mitigate security risks across projects and operational environments
* Facilitate risk workshops with key stakeholders to capture and validate security risks
* Monitor and report on risk status, treatment progress and residual risk to governance forums
* Ensure security controls are implemented and tested effectively
* Support day to day coordination of security deliverables alongside program leads

Security assessment and authorisation

* Execute security authorisation processes in line with the ISM and client specific security requirements, including RMF activities
* Prepare and maintain risk assessments, accreditation documentation and supporting artefacts
* Ensure compliance with required security controls across governance, identify, protect, detect and respond domains

Maintaining compliance

* Develop and maintain security documentation including policies, procedures and incident response plans
* Support compliance with Australian Government security requirements, including PSPF and ISM obligations
* Maintain accurate records of security authorisations, exceptions and audit evidence

Stakeholder engagement and reporting

* Liaise with Authorising Officers, system owners and project teams to ensure documentation meets required standards
* Provide guidance on ISM, Essential Eight and department specific controls during delivery
* Support the implementation and ongoing management of GRC tooling
* Track and report on authorisation status, deliverables and compliance gaps
* Assist with continuous monitoring and audit activities

Skills and Experience

* Experience in security risk management and system accreditation within Australian Government environments
* Strong understanding of PSPF, ISM and NIST aligned principles (govern, identify, protect, detect, respond)
* Deep knowledge of Essential Eight requirements in classified or controlled environments
* Experience preparing and managing accreditation packages
* Strong documentation skills with high attention to detail
* Ability to interpret and apply ISM controls in practical delivery scenarios
* Experience with collaboration platforms such as SharePoint or Confluence
* Familiarity with GRC platforms and compliance tracking tools
* Strong stakeholder engagement and communication skills

Qualifications

* Bachelor’s degree in Cybersecurity, Information Technology or related discipline
* Certifications such as CISSP, CISM, CRISC, IRAP Assessor or equivalent highly regarded

Security Clearance Requirement

* Must hold current NV1 security clearance; this is mandatory
* Australian citizenship required
* Candidates without NV1 clearance will not be considered

What’s on Offer

* Permanent role within a globally recognised consultancy
* Salary range $80,000 – $110,000 inclusive of superannuation
* Opportunity to work on high profile, mission critical government programs
* Clear career progression pathways within a structured consulting environment

If you are an NV1 cleared security professional looking to step into a permanent consulting role where you can influence complex government environments, this is a strong opportunity to consider.
