  • Exciting development opportunities and a competitive package working in the fast-growing Cybersecurity Industry
  • Working for a young and innovative company that believes in working hard and celebrating success

About the company

InfoTrust’s mission is the protection of our customers against cybercrime. This year alone, the projected cost of cybercrime to the global economy is over $6 trillion. It has become an ever-present boardroom conversation, with focus and attention on addressing the issue. Founded in 2014, InfoTrust has rapidly expanded and received multiple awards in the process. Our vision is to be the global leader in cybersecurity. We will achieve this by focusing on two things: being “Customer Driven” and creating an innovative, high-performing and exceptional work environment for our team. We recognise that rewarding and acknowledging hard work is paramount to our success.

Major Accountabilities

The GRC Security Consultant will work with the wider Consulting team and will be responsible for the development and delivery of Governance, Risk and Compliance services. This involves end-to-end delivery for our customers and, to a certain extent, business development.

A key part of the role will involve directly engaging customers to provide security consulting, aligned to deliverables. These include information security assessments, information security awareness, risk assessments and more. The role will also involve working with the Sales teams and Pre-Sales teams across InfoTrust.

Outcomes and measures

  • Develop information security governance & risk management strategies, frameworks (ISO27001 & PCI-DSS), policies, standards and metrics to measure the maturity of overall security operations in alignment with business priorities and their tactical/strategic objectives
  • Perform reviews, assessments and system implementations based on industry/regulatory requirements (such as ISO 27001, NIST Cybersecurity Framework, SOC2/SSAE-18, Australian ISM, etc.)
  • Scope required activities and perform project estimates as required, ensuring that consulting activities defined in these scopes are delivered to the highest standards
  • Engage in skills transfer - both internally and with customers
  • Deliver assignments securely, on time and within budget, and share results and recommendations with both technical and non-technical customers, in the form of in-person presentations or written or verbal reports
  • Develop and maintain strong relationships with customers through timely delivery of projects
  • Conduct project management, where required
  • Maintain InfoTrust’s internal security standards and confidentiality of customer material as defined in our ISO 27001:2013 aligned ISMS

Professional skills, qualifications and experience

  • Minimum of 2-3 years’ experience in IT, preferably in information and cybersecurity
  • Minimum of 1-2 years’ experience in a GRC-focused role
  • Experience in conducting IT security and cyber/information security assessments
  • Experience assisting with audits (internal & external) and auditors
  • Proven track record building strong relationships with key business leaders and stakeholders
  • Practical understanding of Information Security Standards & Frameworks, e.g. NIST CSF, ISO 27001, GDPR, ASD, ISM
  • Good to have – 1 or more professional Information Security certifications (ISO 27001, CISSP Associate, CompTIA Security+ or equivalent)


Our team love working with us because we offer a technically exciting, innovative and dynamic company that has a strong vision and direction, but also offers an environment that is collaborative, fun and rewarding. There are many perks of working here that you can’t see in this advert!


  • A fantastic team culture
  • Health Insurance benefits
  • Community-focused and socially responsible
  • An active rewards and recognition programme
  • An experienced leadership team that is focused on supporting and coaching
  • Supported career development and training opportunities
  • Flexible working opportunities
