Technical Lead - GRC

Location: Canberra
Sectors: Cyber Security
Employment type: Permanent
Salary: Negotiable
Contact name: Danny Fleming

Contact email: danny@clearedict.com.au
Job reference: BBBH435_1652753212
Published: almost 2 years ago

Cleared ICT are working with one of Australia's industry-leading sovereign cyber security specialists. A rapidly growing consultancy in Canberra are seeking several resources on a full-time basis.

We are looking for a Technical Lead - GRC Services who can demonstrate their existing expertise in the cyber security governance, risk and compliance space.

In this full-time role, you will be pivotal in providing specialist cyber security advice to a range of Government and commercial clients, providing technical leadership and quality assurance for our client's GRC team and supporting client engagements across multiple clients, platforms and technologies.

KEY DUTIES/RESPONSIBILITIES

  • Support and mentor junior consultants assisting the Delivery Manager with quality assurance and client engagements
  • Develop management and user level cyber security policy and procedural documents as defined by the cyber standards listed below
  • Provide advice and consulting on establishing and maintaining compliance with information security frameworks for proposed or in-production systems
  • Preparation of security risk assessments for proposed and in-production systems
  • Development of system security plans for specific systems to ensure compliance with these standards

SKILLS & EXPERIENCE

  • Extensive experience working in a client-facing GRC role either in Management Consulting or within a GRC role inside a Government Department or commercial entity
  • Experience managing or mentoring a team is desirable
  • Extensive experience writing security documentation (SSP, SRMP, IRP etc.) and providing accurate security advice based on the most recent cyber security frameworks and controls
  • The Technical Lead - GRC is expected to have extensive experience and understanding in the following information security frameworks:
      • Australian Government Information Security Manual (ISM)
      • Australian Government Protective Security Policy Framework (PSPF)
      • AS ISO/IEC 27001:2015 Information technology - Security techniques - Information security management systems - Requirements (ISMS)
      • Australian Energy Sector Cyber Security Framework (AESCSF)
      • Payment Card Industry Data Security Standard (PCI DSS)
      • US Department of Energy Cybersecurity Capability Maturity Model (C2M2)

At Cleared, we provide tailored recruitment solutions to individuals seeking their next opportunity and to organisations searching for talent within Defence Industry, Intelligence and National Security.