We pride ourselves on being a genuinely great place to work, with a vibrant culture, clear vision, and strong leadership.
When joining blueAPACHE, you are joining an organisation that is driven by our core values of employee and customer experience.
We are proud to be an equal opportunity employer and are committed to building a diverse and inclusive workplace where we embrace our individual talents, and our differences.
Due to exciting growth plans, we are looking for an experienced Cyber Security, Governance Risk and Compliance (GRC) Consultant to join our Cyber Security Practice.
Reporting into the GRC Practice Lead, you will be responsible for helping develop and implement the information security governance strategy and policies to safeguard BlueAPACHE's subscribed customer's digital assets and ensure compliance with regulatory requirements.
This role can be based in Melbourne, Sydney or Brisbane.
Responsibilities Provide consulting services to clients in the areas of governance, risk, and compliance Assist clients in developing and implementing risk management strategies Conduct risk assessments and gap analyses to identify potential vulnerabilities and recommend preventive measures Develop policies and procedures to ensure compliance with regulatory requirements Provide training and education to clients on GRC topics Collaborate with cross-functional teams to implement and maintain GRC frameworks and tools Stay up-to-date with industry trends and best practices in GRC Work with various teams within customer organizations to develop plans to improve compliance with cybersecurity policies and standards and provide input to drive targeted maturity levels.
Develop and implement risk mitigation strategies and controls.
Monitor emerging threats and industry trends to adapt security advisory measures accordingly.
Advise on incident response best practice, including containment, investigation, and recovery efforts.
Support customers to define and maintain their organization's best practices security architecture, including network security, endpoint security, cloud security, Identity Access Management and related vectors.
Promote importance of user awareness and data handling behavior through best practices and policies.
Assess and manage security risks associated with third-party vendors and service providers for clients.