Brisbane, Australia| Posted on 10/07/2023We are the challenger in the cybersecurity market both in Australia and Southeast Asia. We are founder-led and have a fresh and direct approach to working with our clients, breaking away from the older/traditional models, and are well respected for that.We're on a mission to be the most trusted security partner. Through the delivery of impactful outcomes that build resilience, we enable innovation and increase competitiveness. From the excellence of our delivery to the integrity of our people, we put care and everything we do and see every client as a #clientforlife. #ClientForLifeWe live by 6 values that have helped us grow and create long lasting bonds with our clients to date:CARE FOR YOUR TEAMWe can only do our best work in an environment of support and respect. We always strive to gain a better understanding of the perspectives and challenges of our team mates.OWN THE OUTCOMEWe love our craft, and take pride in making a difference. We face our clients challenges as a genuine partner, and tackle them as if they were our own.TELL IT LIKE IT ISWe owe it to our clients to be honest, transparent and straight-talking.BE CURIOUS AND GENEROUSWe are richer by sharing our knowledge. We look for ways to connect with colleagues, clients and the industry to broaden our skills and networks.STRIVE FOR BETTERAt work, home and in the community, we will try to enact positive change. We don't settle for second best, speaking up and supporting others to drive that change.We are made of information security professionals from all professional and personal backgrounds, forming a truly unique and international environment, fun to work and grow in.We are conveniently located in the heart of the cities it operates within. We have a fresh and direct approach to working with our clients, breaking away from the older/traditional models, and are well respected for that.Job DescriptionSekuro is a trusted provider of information security consulting services. We are currently recruiting sharp, smart, experienced and motivated security professionals to join our growing Governance Risk and Compliance (GRC) team in Sydney with a focus on PCI DSS and other cyber/information security standards. The role involves working with mid-market to enterprise level clients, as well as with various levels of Government. The role involves an interesting mix of:Delivering engagements independently.Managing a team to complete small-to-medium size engagements.Mentoring junior consultants and peers to become the subject matter experts – just like yourself.Designing solutions to customers problems and helping them to choose Sekuro.Being an ambassador for your area or expertise, the profession and Sekuro.About the role:The role is suited for professionals with experience in assisting an organisation improve their security maturity, manage security risks or meet compliance/regulatory requirements in a security standard. We are seeking individuals that have experience in managing projects and people, ideally in a consulting capacity.Whilst the life of a consultant is varied and we'd never set these in stone, the composition of the role should be expected to be:40% Direct delivery of engagements.30% Engagement Management (Inc. Quality Assurance).15% Mentoring peers and junior team members.15% Sales support and leading internal improvements activities.In addition to offering great career growth opportunities, the position offers benefits such as training and certification opportunities, flexible work hours, a good working culture and the opportunity to become a well-rounded manager whilst working with a team of like-minded, friendly people.The responsibilities of the Managing Consultant include:Manage a small group of GRC team members to ensure the performance and happiness your unit.Manage staff and upkeep a No bullshit, collaborative, open and professional culture.Provide mentorship and support to peers and subordinates.Act as the engagement manager for several concurrent GRC engagements (ensure the quality, suitability and timeliness of engagements and provide the first point of escalation for project issues).Deliver individual engagements yourself to maintain your skills set and consciously acquire new competences though formal training and self-development.Pass certifications as required to maintain your status as an expert in your field (in addition to blog post, training and presentations).Help improve internal processes, building towards efficient and standardised delivery for Sekuro services.Lead the recruitment of local technical resources.Attend industry events regularly to learn, earmark potential recruits, network and identify opportunities.Support commercial opportunities when relevant.Lead the execution of the Sekuro GRC strategy, working closely with the senior management.RequirementsA suitable candidate would have some or most of the following attributes:Minimum of 3 years of experience in an advisory or consulting roles or has extensive experience assisting organisations to adopt one or more relevant cyber / information security frameworks (e.g. ISO 27001, PCI DSS, ASD Essential 8, IRAP/ISM, SOC2, NIST CSF, etc.).6-10 years of experience in other relevant ICT and/or security domains.In depth understanding of two or more cyber or information security framework such as ISO 27001, PCI DSS, ASD Essential 8, IRAP/ISM, SOC2, NIST CSF, etc..Experience in writing professional reports to communicate complex problems and present recommendations for change.Excellent oral communication and presentation skills.Comfortable dressing to make a professional impression whenever they represent Sekuro.Previous experience managing short engagements and larger projects.Able to confidently engage with clients, including their different business and technology stakeholders.Holds at least two current and relevant cyber / information security professional certifications (e.g. CISM, CISA, CISSP, CRISC, IRAP, ISO 27001 Lead Auditor, etc.). Candidates actively studying to achieve a second certification will still be considered.Holds a current work visa for Australia.Additionally, candidates with competency in the following are highly desirable:Awareness of GRC frameworks which may be relevant to future engagements like ISO 27001, PCI DSS, ASD Essential 8, NIST CSF, Australian Government's ISM and PSPF, etc.Experience with security architecture design & reviews (inc. SABSA or TOGAF).Holds an Australian Federal Security Clearance (i.e. NV1).Location in Australia could be flexible as discussed with Joel.#J-18808-Ljbffr
