Consultant - InfoSec | ISO 27001 | GDPR | NIST | IRAP | CPS 254

This full-time role requires travel across the Sydney metropolitan area, and on occasion interstate – therefore, access to a car - including current NSW drivers licence - is essential.
The role of Information Security Consultant requires you to attend different client workplaces most days of the week, thus we require an individual who can work autonomously and can manage a transient schedule.

Why work with us?

• We are an incredibly focused and driven organisation, with ongoing growth opportunities to expand within our team.
• You will have a clearly defined role, including clear expectations as an employee - and what you can expect from Compliance Council as an employer.
• Be involved with projects in a variety of industries.

What you can expect

You can expect this role to be challenging, you can expect to be busy, you can expect for each day not to be the same.

Every day your intuition will be challenged, as will your ability to manage client expectations. You need to be able to juggle multiple tasks and competing priorities. Along with keeping cool under pressure while maintaining our client’s confidence. You can expect to be supported and be well trained. However, you will need to be able to deal with unknowns that will unexpectedly present. Every day we learn and experience something new. This expands our knowledge bank which we then utilise to leverage ongoing value to our clients.

You can expect remuneration commensurate to your experience, and your contribution to the success of the organisation. Finally, you will be treated with respect, honesty and integrity.

Responsibilities and Accountability

The role requires an in-depth understanding of information security controls and experience with ISO 27001. You will be delivering information security projects and working with the Principal Consultant for Information Security towards achieving operational KPIs.

Experience and Qualifications

Essential:

• Minimum 3 years of experience working in cyber security or information security compliance.
• Tertiary qualifications in information security or a closely related field (i.e. computer science, networking or information technology).
  Experience with implementing and auditing management systems based on ISO 27001.
• Good knowledge of information security control frameworks (i.e. ISO 27001, NIST CSF, ISM and E8).
• Demonstrated experience in policy writing and implementation.
• Excellent knowledge of Risk Management Processes.
• A demonstrated ability to support stakeholder’s information security projects.
• Strong knowledge of MS Office suite.
• Ability to effectively communicate with internal and external stakeholders.
• An inquisitive mindset and great attention to detail.

Desirable:

• Industry certification (e.g. CISSP and CEH).
• Experience with the ISM and Essential 8.
• Lead auditor in ISO 27001.