Cyber Security Risk Advisor

2 weeks ago


Sydney, Australia University of New South Wales Full time

**Job no**: 525136

**Work type**: full time

**Location**: Sydney, NSW

**Categories**: Information Technology, Cyber
- Employment: Full time (35 hours per week)
- Continuing role as a Cyber Security Risk Advisor
- Remuneration: Excellent salary package including leave loading and generous superannuation
- Location: Based in Kensington, Sydney (hybrid working available)

**About UNSW Sydney**:
UNSW isn’t like other places you’ve worked. Yes, we’re a large organisation with a diverse and talented community; a community doing extraordinary things. Together, we are driven to be thoughtful, practical, and purposeful in all we do. Taking this combined approach is what makes our work matter. It’s the reason we’re one of the top 50 universities in the world and a member of Australia’s prestigious Group of Eight. If you want a career where you can thrive, be challenged, and do meaningful work, you’re in the right place.

**Accountabilities**
- Delivery of risk advisory and risk assessment services to university stakeholders
- Review solution/capability design and architecture artefacts, identify and assess security risks, recommend, and prepare high quality reports detailing security issues and risk treatment actions.
- Perform risk assessment of 3rd party/supply chain risk exposure.
- Update the cyber risk register with risks from projects, penetration tests, exemptions, and changes.
- Socialise the risks to the relevant teams and administer the completion of risk treatment and policy compliance initiatives prior to deployment or change.
- Provide expert advice on cyber security compliance by ensuring and communicating adherence to policies, standards, architecture, and strategies (including surrounding cloud services).
- Ensuring any non-compliance, control under-performance or risk beyond appetite is appropriately recorded and effectively escalated for remediation.
- Drive penetration testing scope validation, penetration test report review, risk assessment and retesting recommendations of IT systems and infrastructure as a part of project assurance.
- Advise on new or complex exemptions requests.
- Identify and recommend required changes to cyber security policies and standards.
- Deliver periodic cyber security risk advisory service SLA and KPI metrics to drive compliance.
- Support the independent audit of cyber security controls on behalf of the University, including statutory audits completed by the Audit Office of NSW.
- Continually stay up to date and aware of legal, regulatory compliance and contractual obligations that are relevant to the University’s management of cyber security risk.
- Promote awareness of the University’s internal and external environment for emerging cyber security threats.
- Build effective working relationship with internal and external stakeholders to develop innovative solutions that meet business needs.
- Promote a culture of continuous improvement, championing professional standards, innovation, and methods.
- Other duties appropriate and in line with to this position as requested by the Cyber Security Risk Advisory Manager.
- Align with and actively demonstrate the UNSW Values in Action: Our Behaviours and the UNSW Code of Conduct.
- Ensure hazards and risks psychosocial and physical are identified and controlled for tasks, projects, and activities that pose a health and safety risk within your area of responsibility.

**Skills and Experience**
- Minimum 5 years’ experience in the delivery of cyber security risk assessment, consulting, and advisory services, ideally with experience working for a global consulting firm, technology giant or large government agency or defence consultancy.
- A relevant Degree with extensive experience in cyber security governance, compliance, risk management or cyber security operations within major organisations or an equivalent level of knowledge gained through any other combination of education, training, and experience.
- Strong cyber security GRC fundamentals and strong knowledge of cyber security principles and practices.
- Excellent understanding of industry-wide security standards and compliance frameworks such as ISO 27001, NIST 800-53, CSA, Essential 8, PCI DSS, COBIT 5, Mitre ATT&CK etc.
- Relevant industry certification(s) such as CISSP (Ideal), CEH, CISM, CRISC, GSEC, AWS Security Speciality, Microsoft Azure (highly desirable).
- Excellent understanding of current security technologies, products, and services, including native cloud security controls in AWS and Azure.
- Strong interpersonal, communication and negotiation skills including ability to develop effective relationships and influence key stakeholders at all levels in the organisation.
- Ability to present with credibility and translate technical and complex information concisely for diverse audiences using strong analytical and problem-solving skills.
- Demonstrated high level of personal motivation, resilience, and ability to work effectively individua



  • Sydney, New South Wales, Australia Skylight Cyber Security Full time $120,000 - $180,000 per year

    About Skylight CyberAt Skylight Cyber, we're young, transparent, and culture-focused boutique cyber security firm specialising in providing high-end services to enterprises globally. We provide our customers with world class expertise to build and continuously evolve an effective security stack across people, process, and technology.We thrive and are...


  • Sydney, New South Wales, Australia Skylight Cyber Security Full time

    OverviewSkylight Cyber is a young, transparent, and culture-focused boutique cyber security firm specialising in providing high-end services to enterprises globally. We provide our customers with world class expertise to build and continuously evolve an effective security stack across people, process, and technology.We thrive and are passionate about the...


  • Sydney, New South Wales, Australia Skylight Cyber Security Full time

    OverviewSkylight Cyber is a young, transparent, and culture-focused boutique cyber security firm specialising in providing high-end services to enterprises globally. We provide our customers with world class expertise to build and continuously evolve an effective security stack across people, process, and technology.We thrive and are passionate about the...


  • Sydney, Australia Bluefin Resources Full time

    Prestigious State Government Client w Excellent Team Culture - 6 Month Contract w Guaranteed Extensions - Sydney Location w Excellent Hybrid Working Flexibility A large government organisation is on the lookout for a mid level Cyber Secuirty Advisor for a 6 month contract based from their head office in the Sydney CBD. As a Cyber Security Consultant and...


  • Sydney Central Business District, Australia HAYS Full time

    A 6-month contract Cyber Security Advisor (GRC) opportunity working for a leading Services company **Your new company** This Cyber Security Advisor is a great job opportunity of working for a leading Services company based in Sydney CBD. **Your new role** Your role is to perform and to investigate internal and external information security risk and...


  • Sydney, Australia Service NSW Full time

    **Cyber Security Advisor Manager** - ** SNSW **G**rade** 11/12**: - ** 1** x **Ongoing Full-Time**: - ** Headquarter location is McKell, Sydney** As the Cyber Security Advisor Manager,** **you will provide complex cyber security, advice, awareness, resilience and/or training initiatives for Cyber Security to improve organisational or whole-of-government...


  • Sydney, Australia Ampersand Full time

    **Rate rate: $850 per day + super** **6 Month contract** **PRIMARY PURPOSE** The Cyber Security Advisor is responsible for the coordination and delivery of cyber security strategy and related policy for NSW State Government! **KEY ACCOUNTABILITIES** - Develop and communicate strategy, policies, standards and guidelines to ensure clients reach maturity...


  • Sydney, Australia ROBERT WALTERS AUSTRALIA Full time

    Overview Senior Cyber Governance Risk and Compliance Advisor. Location: Sydney. Industry: Higher Education. Contract Length: ASAP through to 30/04/2026 initial term. An exciting opportunity has arisen for a Senior Cyber Governance Risk and Compliance Advisor to join a highly top University in Sydney, where your expertise will directly shape the future of...


  • Sydney, New South Wales, Australia ROBERT WALTERS AUSTRALIA Full time

    OverviewSenior Cyber Governance Risk and Compliance Advisor. Location: Sydney. Industry: Higher Education. Contract Length: ASAP through to 30/04/2026 initial term. An exciting opportunity has arisen for a Senior Cyber Governance Risk and Compliance Advisor to join a highly top University in Sydney, where your expertise will directly shape the future of...


  • Sydney, New South Wales, Australia ROBERT WALTERS AUSTRALIA Full time

    OverviewSenior Cyber Governance Risk and Compliance Advisor. Location: Sydney. Industry: Higher Education. Contract Length: ASAP through to 30/04/2026 initial term. An exciting opportunity has arisen for a Senior Cyber Governance Risk and Compliance Advisor to join a highly top University in Sydney, where your expertise will directly shape the future of...