Senior Security Consultant

OneStep Group

a month ago

Expires on 04 Jul 2025

Western Australia, Australia

Job description & requirements

This range is provided by OneStep Group. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

Base pay range

A$130,000.00/yr - A$150,000.00/yr

Join OneStep Group as a Senior Security Consultant – GRC / Advisory Team

Are you an experienced Senior Security Consultant looking for your next challenge? OneStep Group is seeking a Senior Security Consultant to join our GRC / Advisory Team. This is an exciting opportunity to play a crucial role in safeguarding our clients’ digital assets and mitigating cybersecurity threats.

About the Role

Reporting to the Cyber Practice Manager, the Senior Security Consultant will work closely with clients to deliver advisory engagements as defined within the OneStep Group Catalogue of offerings, following defined methodologies and a clearly documented engagement scope. The Senior Security Consultant is a trusted position with considerable responsibility for ensuring that clients are given advice that is pragmatic and within the context of the client organisation. Senior Security Consultants need to be able to work both as part of an engagement team and independently in a leadership position on complex engagements.

Key Responsibilities

  • Security Strategy
  • Security Governance Creation (Policy, Standards, Process) & Advisory
  • Current State Security and Maturity Assessment
  • Security Risk Assessment and Audit
  • General Controls Review
  • Vulnerability Assessment
  • Cloud Security Audit & Advisory
  • Engage Stakeholders and run organised consulting workshops and interviews.
  • Have the ability to lead teams on larger information security projects.
  • Able to mentor and coach more junior consultants.
  • Work closely with other streams (Penetration Testing, SOC & Solutions) to ensure that our offerings meet or exceed customer security and certification requirements.
  • Provide planning and input into business development, related to GRC Stream, including attending customer business development meetings.
  • Support and provide input into Cyber Practice services development and delivery.
  • Monitor Regulatory Compliance trends and requirements, such as Privacy Act, GDPR, PCI DSS and APRA.
  • Monitor security technology trends and requirements, such as emerging standards for new technology opportunities.
  • Monitor security news and trends such as breaches, cybersecurity, and privacy matters.
  • Support all phases of Advisory (Governance, Risk & Compliance).
  • Obtain and maintain Industry and Vendor Certification and Accreditation, where required.

Skills & Experience

  • 5 years’ experience in similar GRC or consulting roles
  • Customer facing with strong communication and excellent presentation skills.
  • Relevant cybersecurity certifications (e.g., CISSP, ISO Lead Auditor, PCI DSS QSA, IRAP, CISM, CISA, CRISC).
  • A thorough understanding of the most common frameworks (ISO, COBIT, ASD, SOCI, ISM, E8, NIST CSF and SABSA).
  • Understand, at a high level, system security, network security and cloud security concepts.
  • Ability to conduct security research regarding people, technologies, methodologies, vulnerabilities, or threats.
  • Understand risk and be able to assess security risks.
  • Be able to assess the security controls implemented by an organisation and make recommendations for remediation appropriate to the context of the client.
  • Ability to work within a team with other consultants or with client staff.
  • Ability to document findings and recommendations to remediate negative findings.

What We’re Looking For

  • Leadership: Ability to lead and inspire a team, driving them towards achieving strategic goals.
  • Adaptability: Ability to adapt to changing environments and handle multiple tasks simultaneously.
  • Client-Focused: Commitment to understanding client needs and delivering solutions that meet those needs.
  • Integrity: High ethical standards and integrity to build trust with clients and team members.

Apply Today!

If you are ready to take the next step in your cybersecurity career and want to be part of a team that makes a difference, we want to hear from you! Apply now by sending your CV to [email protected] and become a key player in the GRC / Advisory team.

Seniority level

Mid-Senior level

Employment type

Full-time

Job function

Information Technology

Industries

IT Services and IT Consulting
