Associate Cybersecurity Grc Consultant

Triskele Labs is a cybersecurity company focused on real outcomes, not just theoretical frameworks. Our Governance, Risk and Compliance (GRC) team partners with organisations to assess risk, improve security maturity, and build practical, evidence-based programs that work in real environments.

We are looking for an Associate Cybersecurity GRC Consultant to join our Advisory team in Melbourne. This role is ideal for someone with one to two years of experience in cybersecurity, IT risk, compliance, or governance who is ready to grow in a structured and supportive environment.

**About the Role**

As an Associate GRC Consultant, you will support our senior consultants in delivering risk assessments, ISO 27001 projects, Essential Eight maturity reviews, and the development of cybersecurity governance documentation. You will gain exposure to a broad range of industries and clients, work across different frameworks, and build both consulting and technical awareness.

You will participate in workshops, document assessments, and client meetings. Over time, you will take on more responsibility in leading engagements, contributing to governance discussions, and becoming a trusted advisor to your clients.

This is a client-facing role, but you will be supported every step of the way by experienced team members who will mentor and coach you.

**Requirements**:
**About You**

We are looking for someone early in their cybersecurity career who is curious, driven, and ready to grow. You might come from a background in GRC, risk, compliance, IT audit, security operations, or a broader technology role. What matters most is your willingness to learn, your attention to detail, and your ability to engage with people professionally.

You will be successful in this role if you have:

- Around one to two years of experience in cybersecurity, IT governance, audit, risk, or compliance
- A basic understanding of key frameworks such as ISO 27001, Essential Eight, or NIST CSF
- Strong written and verbal communication skills, including the ability to document clearly and present ideas confidently
- A professional approach to working with clients and stakeholders, with support from senior consultants
- A willingness to ask questions, accept feedback, and take initiative
- An interest in developing a broader understanding of cybersecurity, including how technical controls map to governance frameworks
- A desire to grow into a capable consultant who can lead projects in the future

**Key Responsibilities**
- Assist in delivering cyber risk assessments aligned to ISO 27001, NIST CSF, Essential Eight and related frameworks
- Help develop key governance artefacts such as risk registers, security policies, and ISMS documentation
- Contribute to maturity assessments and provide structured, evidence-based recommendations
- Participate in client workshops and stakeholder interviews to gather context and information
- Support the development of board and executive-level reporting under the guidance of senior team members
- Maintain accurate and consistent documentation, working with peers to ensure high-quality outcomes
- Shadow and learn from experienced consultants, taking on more responsibility over time
- Build foundational technical awareness of common security controls, tools, and environments
- Help ensure that advice and recommendations are not only aligned to best practice but also practical and achievable for clients

**Benefits**

At Triskele Labs, you will join a team of people who genuinely care about delivering quality work. You will be supported, mentored, and included in real projects from day one. We invest in your development and create pathways for you to step up into more senior roles over time.

You'll work across clients of all sizes and industries, alongside people who are passionate about cybersecurity and driven by real outcomes. This is a great opportunity to build a long-term career in consulting with exposure to advisory, detection and response, incident handling, and offensive security.

**Working Arrangements**

The position is hybrid, requiring two days per week in our Melbourne office. Some clients may also require occasional on-site engagement, particularly for longer-term projects, which could involve one to three days per week depending on client needs.