Cyber Security Consultant

Cyber Security Professionals: Multiple Roles | Federal Government Contract | NV1 Clearance RequiredLocation: Canberra, ACT (Onsite position; hybrid work arrangements may be considered and will be subject to client approval based on role requirements.Contract Duration: 3 years + Optional based on the requirementEngagement Type: Contract (Time & Materials)Experience Level: 8+ yearsPositions: Multiple openings (Consultants, Senior Consultants, Principal Consultants)Compensation: Market competitive; Negotiable About the OpportunityWe are partnering with one of our esteemed Federal Government clients to identify experienced and highly skilled Cyber Security Professionals for a large-scale, long-term program supporting national security outcomes. This is an exciting opportunity to join a high-performing cybersecurity team delivering services across multiple domains, contributing directly to strengthening Australia’s cyber resilience. We are inviting applications from professionals with active NV1 security clearance for the following categories:1. Governance, Risk & Compliance (GRC)•Professionals in this category will be responsible for:Developing and delivering ICT Security Policies and Standards in line with government frameworks.Conducting Threat and Security Risk Assessments at both agency and system levels.Performing Compliance Assessments under the ISM, PSPF, and Essential Eight.Undertaking IRAP Assessments (must be a registered IRAP Assessor).Supporting audit and assurance activities to ensure compliance with security obligations.Advising on risk mitigation strategies and control implementation.Collaborating with stakeholders to embed security governance across projects.Providing expert input into security accreditation and certification processes.2. Security Testing & AssuranceThis role involves hands-on technical testing and assurance activities, including:Performing in-depth Penetration Testing (closed-box, open-box, double-blind) across various platforms.Conducting Red Team and Purple Team simulated cyberattack exercises.Executing Social Engineering campaigns, including phishing simulations.Reviewing and assessing Security Configurations of systems and infrastructure.Enhancing vulnerability assessment processes and methodologies.Maintaining and operating the vulnerability management solution (e.g., Tenable).Preparing detailed technical reports and remediation guidance.Supporting continuous improvement of security testing practices.3. Security Advisory & ConsultingAdvisors and consultants will provide strategic and architectural guidance, including:Conducting Security Architecture Reviews for new and existing systems.Performing Cloud Security Assessments across multi-cloud environments.Developing and maintaining ICT Security Strategies aligned with business goals.Advising on secure design and implementation of ICT systems.Supporting project teams with security input during solution development.Providing recommendations on emerging threats and mitigation strategies.Engaging with stakeholders to align security with business objectives.Delivering tailored security consulting services as required.4. Incident Preparedness & ResponseThis role focuses on proactive and reactive incident management, including:Conducting Threat Hunting activities to detect and mitigate advanced threats.Developing and maintaining Incident Response Plans and Playbooks.Facilitating and leading Tabletop Exercises to test response readiness.Performing Digital Forensics and Investigations post-incident.Coordinating with internal and external stakeholders during incidents.Supporting continuous improvement of incident response capabilities.Advising on containment, eradication, and recovery strategies.Providing after-action reports and lessons learned documentation.5. Security Writing & TrainingThis category is ideal for professionals with strong communication and documentation skills:Developing engaging Security Awareness content and training materials.Preparing comprehensive technical documentation, including: System Security PlansCybersecurity Incident Response PlansChange and Configuration Management PlansContinuous Monitoring PlansSupporting knowledge transfer and capability uplift initiatives.Creating user-friendly guides and SOPs for technical and non-technical audiences.Collaborating with SMEs to ensure accuracy and relevance of content.Ensuring documentation aligns with compliance and audit requirements.Delivering training sessions and workshops as needed.Supporting broader security communication strategies.Ideal Candidate AttributesWe’re looking for seasoned cybersecurity professionals who bring both technical expertise and strategic insight. Ideally, you have:• Active NV1 Security Clearance (mandatory). • 8+ years of experience in cybersecurity roles within government, defense, or enterprise environments. • Relevant certifications such as CISSP, CISM, CISA, OSCP, CEH, GCIH, CRISC, GCFA & IRAP Assessor Certification. For IRAP Assessment Good understanding of the security principles, architecture, frameworks will be preferred. • Strong communication and stakeholder management skills. • A degree in Cyber Security, Computer Science, Risk Management, or related fields. • A proactive, collaborative approach and passion for protecting national interests.Why Join?• Multi-year federal project offering long-term stability. • Market-competitive compensation (negotiable for the right candidate). • Hybrid work flexibility based on client/operational needs. • Opportunity to contribute to mission-critical national security initiatives. Application DetailsClosing Date: 24 October 2025Application Instructions: Please mention the specific category you are applying for in your subject line, such as: Subject: Cybersecurity – GRC Subject: Cybersecurity – Security Testing Subject: Cybersecurity – Advisory Only applicants with active NV1 clearance will be considered. Please send your detailed resume, ensuring your email address and contact number are clearly mentioned for prompt communication.