AddressSenior Consultant - Cyber Security and Risk
- Growing national Cyber Security & Risk practice
- Highly experienced consulting team
- Varied, complex cyber consulting delivery
About Us
Business Aspect is a national management and technology consulting firm that operates as an independent entity supported by the strength of its ASX-listed parent organisation, Data#3, with a significant national presence.
About the Role
Due to increasing demand we are expanding our national team to include a Senior Consultant with strong exposure to contemporary cyber security management and client advisory services. With a consulting delivery focus, you will help us grow our practice capability in Queensland and nationally.
In this role you will:
- Deliver high-value and high-quality risk and security consulting outcomes, such as risk assessments, security plans and strategies, roadmaps, security policy and frameworks
- Undertake detailed risk assessments, including working at senior business and IT and executive board level
- Engage with client project teams and provide advice on areas such as cloud computing governance and risk, mobile device threats and management, third party security and identity management
- Recommend, assess and use best practice, industry standard and regulatory requirements for information security, such as those prescribed by 27001, the NIST Cyber Security Framework and the Australian Government Information Security Manual (ISM)/Essential Eight/DISP/SOCI
- Assist with Business Continuity and Disaster Recovery advisory services and organisation-wide plans and procedures
- Work across multiple client engagements in your core areas of capability and identify further consulting opportunities as a part of senior team of risk and cyber security oriented consultants
- Liaise with technical and solution vendors and partners on behalf of customers
About you:
- We are seeking a highly experienced Cybersecurity and risk practitioner with proven skills:
- Defining Cybersecurity strategies, roadmaps and plans based on contemporary cybersecurity practices
- Identifying and assessing threats and vulnerabilities, leading to prioritised risk remediation plan and roadmaps
- Conducting organizational gap analysis of information security control environments
- Developing information security management systems (ISMS) and associated information security policy and standards and associated processes
- Providing Security architecture advice to projects on technical security architecture
While not a mandatory requirement, deeper exposure to one or more of the following will be an advantage:
- Microsoft Purview Information Protection and Governance, including classification of information, digital rights management and data loss prevention
- Identity and Access Management strategies, including access control, role-based access, privileged identity management and IAM governance
- Operational Technology (OT) security threats, controls and related standards
You may hold security or risk related qualifications, such as CRISC, CISSP, CISM etc. or product specific certifications such as Microsoft Azure, however this is not mandatory.
If you want to become part of an exciting, innovative company and take your experience to the next level, we would love to hear from you!
Please note that Business Aspect will request as part of the recruitment process, reference checks and verification of your right to work in Australia. You may also be required to undertake background checks and police checks for security clearance pertaining to specific job requirements. Business Aspect may require you to be fully vaccinated for COVID-19, in order to perform this role.
Ref: KEMI111481
Data#3 will request as part of the recruitment process reference checks and verification of your right to work in Australia. All final applicants for this position will be asked to consent to a police check. Please note that applicants with criminal records will not automatically be excluded from the recruitment process. Each application will be considered on its merits and inherent requirements of the role.
