Job Description
We're looking for a Principal Consultant, GRC to lead high-impact engagements and shape security outcomes at scale.
About CyberCX
CyberCX is Australia and New Zealand’s leading cyber security services provider, trusted by private and public sector organisations to help manage cyber risk, respond to incidents, and build resilience in an increasingly complex threat landscape.
With a workforce of over 1,400 professionals, CyberCX delivers end-to-end cyber capabilities across consulting and advisory, governance, risk and compliance, incident response, penetration testing, cloud and infrastructure solutions, identity and access management, and managed security services.
The Opportunity
This is a senior advisory role for someone who thrives on complexity and influence.
As a Principal Consultant, you will:
Lead complex cyber risk and compliance engagements across enterprise and government
Conduct formal risk assessments aligned to ISM, PSPF, DSPF, NIST CSF, ISO 27001, CPS234 and related frameworks
Design and oversee implementation of fit‑for‑purpose security solutions
Produce board‑ready reports with clear, commercial recommendations
Act as a subject matter expert and mentor within our GRC practice
Contribute to capability uplift and thought leadership across CyberCX
You will work closely with clients to translate regulatory and framework requirements into practical, defensible security outcomes.
What We’re Looking For
Deep experience assessing and/or implementing frameworks including ISM, ISO 27001, NIST CSF, PCI DSS, PSPF, DSPF, CPS234
Major security certification (CISM, CISA, CISSP, ISO LA/LI or similar)
Strong consulting background – ideally within a global consulting firm or large technology organisation
Exceptional stakeholder engagement skills with credibility at senior and executive levels
Demonstrated ability to lead engagements and mentor junior consultants
Australian citizenship is required
Why Join CyberCX?
Work on nationally significant programs across enterprise and government
Engage directly with senior leadership on complex strategic initiatives
Be part of Australia’s largest dedicated cyber security capability
Flexible hybrid environment (Brisbane-based, not fully remote)
Clear career progression within a growing national practice
This role is ideal for a senior GRC practitioner ready to operate at Principal level and influence both client outcomes and internal capability.
Job Details
Posted Date: February 18, 2026
Job Type: Consulting
Location: Brisbane, AU
Company: CyberCX