Cyber Security GRC Consultant

• We're a 'Family Friendly' certified workplace – we understand the often many and varied roles our team members need to play within their own unique family setting and actively support them.

Our team feel Leidos is a great place to work. Learn more about our culture and benefits by visiting us here

Do Work That Matters

Leidos Australia delivers IT and airborne solutions that protect and advance the Australian way of life.  Our 2000 local experts, backed by our global experience and network of partners, are working to solve the world's toughest challenges in government, intelligence, defence, aviation, border protection and health markets.

Your New Role and Responsibilities

Within Leidos Central Processing (CP) Security, the Cyber Security GRC Consultant supports the governance, risk, and compliance domains within the cybersecurity program, supporting the CP Environment.

This role is responsible for supporting enterprise-wide efforts to ensure compliance with regulatory requirements, internal policies, and industry best practices. The role combines technical knowledge, strategic thinking, and regulatory awareness to mature the security posture and risk management capabilities of a complex strategic environment.

Key Responsibilities: 

• Develop, implement, and maintain cybersecurity policies and standards aligned with frameworks (e.g., NIST CSF, ISO/IEC 27001, DSPF, ISM) and prepare security assessment documentation for system authorisations.

• Conduct and support risk assessments across systems and vendors, track remediation efforts, and coordinate audits to ensure compliance with regulatory and internal requirements.

• Review and assess third-party vendors for security risks, provide mitigation strategies, and support due diligence processes.

• Deliver security awareness programs, develop targeted training, and report GRC metrics and KPIs through dashboards and documentation for leadership and working groups.

• Act as a trusted advisor, mentor junior team members, and identify opportunities for automation and strategic enhancements to mature the GRC function.

About You and What You'll Bring 

• Proven experience in GRC-focused information security roles.

• Strong understanding of cybersecurity standards, regulations, and risk frameworks, plus experience in Defence environments and the Cyber Security Assessment and Authorisation Framework.

• Excellent written and verbal communication (including executive-level reporting), strong analytical and problem-solving skills, and ability to work independently to deliver outcomes.

• Certifications such as CISSP, CISA, CISM, CRISC, CGEIT, ISO 27001 Lead Implementer/Auditor, or IRAP highly regarded; experience in regulated sectors (Defence, finance, healthcare, energy, government) desirable.

• Strategic thinking, risk-based decision-making, project management capability, regulatory acumen, and technical understanding of cybersecurity controls.

This role does require the successful applicant to be an Australian Citizen and hold a NV-1 level security clearance and able to uplift and maintain NV-2.

Diverse Team Members, Shared Values and a Common Purpose

Providing our customers with smarter solutions takes an incredible team with diversity of thought, experience and perspectives driving innovation. Inclusion is at the heart of our culture and is one of our core values. It's about creating a workplace where everyone can do important work, feels welcome, valued, and respected, and has equal access to opportunities to thrive. Paul Chase – Chief Executive, Leidos Australia.

Leidos Australia is an equal opportunities organisation and is committed to creating a truly inclusive workplace. We welcome and encourage applications from Aboriginal and Torres Strait Islanders, culturally and linguistically diverse people, people with disabilities, veterans, neurodiverse people, and people of all genders, sexualities, and age groups.

Our five Advocacy Groups (Women and Allies Network, Young Professionals, Defence & Emergency Services, Action for Accessibility and Abilities and Pride+) provide an opportunity for team members to connect and collaborate on shared interests, and work to support and celebrate our diverse community.

Next Steps

• To apply for this role, follow the links or apply via our Careers page.

• Recruitment process - virtual / face to face interview & background checks.

• Applicants may also need to meet International Traffic in Arms Regulations (ITAR) requirements. In certain circumstances this can place limitations on persons who hold dual nationality, permanent residency or are former nationals of certain countries as per ITAR 126.1.

• We are committed to making our recruitment process accessible to all candidates. Please contact our Careers team if you'd like to discuss any additional support during your application or throughout the recruitment process. 

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.