
Cyber Security Risk Advisor
5 days ago
**Job no**: 525136
**Work type**: full time
**Location**: Sydney, NSW
**Categories**: Information Technology, Cyber
- Employment: Full time (35 hours per week)
- Continuing role as a Cyber Security Risk Advisor
- Remuneration: Excellent salary package including leave loading and generous superannuation
- Location: Based in Kensington, Sydney (hybrid working available)
**About UNSW Sydney**:
UNSW isn’t like other places you’ve worked. Yes, we’re a large organisation with a diverse and talented community; a community doing extraordinary things. Together, we are driven to be thoughtful, practical, and purposeful in all we do. Taking this combined approach is what makes our work matter. It’s the reason we’re one of the top 50 universities in the world and a member of Australia’s prestigious Group of Eight. If you want a career where you can thrive, be challenged, and do meaningful work, you’re in the right place.
**Accountabilities**
- Delivery of risk advisory and risk assessment services to university stakeholders
- Review solution/capability design and architecture artefacts, identify and assess security risks, recommend, and prepare high quality reports detailing security issues and risk treatment actions.
- Perform risk assessment of 3rd party/supply chain risk exposure.
- Update the cyber risk register with risks from projects, penetration tests, exemptions, and changes.
- Socialise the risks to the relevant teams and administer the completion of risk treatment and policy compliance initiatives prior to deployment or change.
- Provide expert advice on cyber security compliance by ensuring and communicating adherence to policies, standards, architecture, and strategies (including surrounding cloud services).
- Ensuring any non-compliance, control under-performance or risk beyond appetite is appropriately recorded and effectively escalated for remediation.
- Drive penetration testing scope validation, penetration test report review, risk assessment and retesting recommendations of IT systems and infrastructure as a part of project assurance.
- Advise on new or complex exemptions requests.
- Identify and recommend required changes to cyber security policies and standards.
- Deliver periodic cyber security risk advisory service SLA and KPI metrics to drive compliance.
- Support the independent audit of cyber security controls on behalf of the University, including statutory audits completed by the Audit Office of NSW.
- Continually stay up to date and aware of legal, regulatory compliance and contractual obligations that are relevant to the University’s management of cyber security risk.
- Promote awareness of the University’s internal and external environment for emerging cyber security threats.
- Build effective working relationship with internal and external stakeholders to develop innovative solutions that meet business needs.
- Promote a culture of continuous improvement, championing professional standards, innovation, and methods.
- Other duties appropriate and in line with to this position as requested by the Cyber Security Risk Advisory Manager.
- Align with and actively demonstrate the UNSW Values in Action: Our Behaviours and the UNSW Code of Conduct.
- Ensure hazards and risks psychosocial and physical are identified and controlled for tasks, projects, and activities that pose a health and safety risk within your area of responsibility.
**Skills and Experience**
- Minimum 5 years’ experience in the delivery of cyber security risk assessment, consulting, and advisory services, ideally with experience working for a global consulting firm, technology giant or large government agency or defence consultancy.
- A relevant Degree with extensive experience in cyber security governance, compliance, risk management or cyber security operations within major organisations or an equivalent level of knowledge gained through any other combination of education, training, and experience.
- Strong cyber security GRC fundamentals and strong knowledge of cyber security principles and practices.
- Excellent understanding of industry-wide security standards and compliance frameworks such as ISO 27001, NIST 800-53, CSA, Essential 8, PCI DSS, COBIT 5, Mitre ATT&CK etc.
- Relevant industry certification(s) such as CISSP (Ideal), CEH, CISM, CRISC, GSEC, AWS Security Speciality, Microsoft Azure (highly desirable).
- Excellent understanding of current security technologies, products, and services, including native cloud security controls in AWS and Azure.
- Strong interpersonal, communication and negotiation skills including ability to develop effective relationships and influence key stakeholders at all levels in the organisation.
- Ability to present with credibility and translate technical and complex information concisely for diverse audiences using strong analytical and problem-solving skills.
- Demonstrated high level of personal motivation, resilience, and ability to work effectively individua
-
Lead Cyber Security Consultant
1 day ago
Sydney, New South Wales, Australia Skylight Cyber Security Full timeAbout Skylight CyberAt Skylight Cyber, we're young, transparent, and culture-focused boutique cyber security firm specialising in providing high-end services to enterprises globally. We provide our customers with world class expertise to build and continuously evolve an effective security stack across people, process, and technology.We thrive and are...
-
Cyber Security Consulting Team Lead
2 weeks ago
Sydney, Australia Vertex Cyber Security Full time**Core Duties**: The Cyber Security Consulting Team Lead manages the Consulting Team to deliver end-to-end cyber security consulting services, undertaking duties that include, but are not limited to: - Conducting comprehensive cyber security risk assessments and audits of client technical environments (cloud and on-premise) and policies and procedures,...
-
Cyber Security Advisor Manager
5 days ago
Sydney, Australia Service NSW Full time**Cyber Security Advisor Manager** - ** SNSW **G**rade** 11/12**: - ** 1** x **Ongoing Full-Time**: - ** Headquarter location is McKell, Sydney** As the Cyber Security Advisor Manager,** **you will provide complex cyber security, advice, awareness, resilience and/or training initiatives for Cyber Security to improve organisational or whole-of-government...
-
Cyber Security Risk Manager
2 weeks ago
Sydney, Australia University of New South Wales Full time**Job no**: 527962 **Work type**: full time **Location**: Sydney, NSW **Categories**: Information Technology, Cyber - Employment Type: full time continuing role as a Cyber Security Risk Manager - Excellent salary package including superannuation - Location: UNSW Kensington Campus (Hybrid Working Opportunities) **About UNSW**: UNSW isn’t like other places...
-
Manager Cyber Risk
7 days ago
Sydney, Australia Commonwealth Bank of Australia Full timeManager Cyber Risk **See yourself in our team**: The Technology and Operations (Tech & Ops) Risk team is responsible for providing specialist Operational Risk and Compliance (OR&C) advice and assurance of decisions made across the Technology, Chief Operating Office, and Business Unit divisions. **Do work that matters**: The Manager Cyber Risk plays and...
-
Cyber Awareness Advisor
1 week ago
Sydney Inner Suburbs, Australia Suncorp Group Full timeSecurity Front Door - Flexible working locations of Brisbane or Sydney - WFH Hybrid Working An exciting opportunity is now available for a Cyber Awareness Advisor to join our Cyber Security Education and Awareness team within the Cyber Security and Risk domain at Suncorp. Our focus is on the human side of Cyber Security, and our purpose is to keep Suncorp...
-
Manager Cyber Risk
1 week ago
Sydney, Australia Commonwealth Bank Full time**See yourself in our team**: The Technology and Operations (Tech & Ops) Risk team is responsible for providing specialist Operational Risk and Compliance (OR&C) advice and assurance of decisions made across the Technology, Chief Operating Office, and Business Unit divisions. **Do work that matters**: The Manager Cyber Risk plays and essential role within...
-
Executive Manager, Cyber Risk
5 days ago
Sydney, New South Wales, Australia Westpac Group Full time $180,000 - $250,000 per yearJob DescriptionLead oversight of cyber risk across domains like identity and access, application security, data security, AI, and threat managementInfluence Group-wide cyber risk strategy, policy, and executive-level reportingBe a trusted advisor on business management of cyber risk ,emerging threats, and risk governanceWhat's the role?We're looking for a...
-
Principal Cyber Security Advisor
1 day ago
Sydney, Australia Service NSW Full time**Principal C**y**ber Security A**dvisor**SNSW**G**rade** 11/12**1 x**Temporary Full-Time (**through to September 30**th**, 2027**)**Headquarter location is McKell, Sydney** As the Principal Cyber Security Advisor you will be responsible for providing complex cyber security, advice, awareness, resilience and/or training initiatives for Cyber Security to...
-
Business Information Security Advisor
7 days ago
Sydney, Australia Insurance Australia Group Full timeCreate impact as a **Business Information Security Advisor.** Join the largest general insurance group in Australia and New Zealand **YOUR ROLE** We are looking for 3 Business Information Security Advisors **(titled as Principal, Business Information Security Advisor**) to focus on supporting different business units in IAG. Reporting to the Executive...