MisuJob - AI Job Search Platform MisuJob
Login Sign Up

Senior Cybersecurity Consultant

Datacom

Canberra, Australian Capital Territory, Australia Hybrid permanent

Posted: April 1, 2026

Interested in this position?

Create a free account to apply with AI-powered matching

Register to Apply

Quick Summary

Senior Cybersecurity Consultant is responsible for providing strategic advice and guidance on cybersecurity governance and risk management for large-scale organizations in the public sector.

Required Skills

Security Consulting Stakeholder Collaboration Project Delivery Continuous Improvement Assessment and Reporting Governance Risk Management Compliance Security Clearances Australian Cybersecurity Standards

Job Description

Position: Senior Cybersecurity Consultant

Datacom Location: Canberra preferred but open to other cities across Australia

Security Requirements: Citizens Only due to need for security clearances. Current security clearances preferred (either Baseline, NV1 or NV2)

Full Time, Permanent Position.

Our Why

Datacom works with organisations and communities across Australia and New Zealand to make a difference in people’s lives and help organisations use the power of tech to innovate and grow.

About the Role (your why)

The Senior Cybersecurity Consultant role, with a focus on Governance, Risk and Compliance (GRC), is responsible for helping Datacom’s customers strengthen their security posture by aligning security measures with business goals.

You will work closely with Datacom’s customers to ensure compliance with key Australian cybersecurity standards and regulations, primarily with the Australian Signals Directorate (ASD) Information Security Manual (ISM) and Essential Eight (E8), the Commonwealth Protective Security Policy Framework (PSPF) and may include other supporting international and national security standards and industry frameworks.

This role is ideal for security professionals with a 10+ years’ experience in IT, with 5 years’ experience specialising in Governance, Risk and Compliance (GRC).

Due to the nature of our client, you must be an Australian Citizen and be able to achieve Australian Government NV1 clearance to be successful in your application for this role. You must have at least a baseline clearance to apply.

What You’ll Do

• Security Consulting: Act as a trusted advisor to Datacom’s customers and internal stakeholders, understanding their cybersecurity needs and providing expert guidance and security solutions.
• Stakeholder Collaboration: Collaborate with cross functional teams to ensure a shared understanding of security risks and propose fit for purpose mitigations. This may include working closely with project managers, technical support teams, architects, third party vendors, developers, security teams and business units to integrate security requirements into projects or business as usual (BAU) tasks.
• Project Delivery: Support the planning and delivery of security projects or Datacom’s engagements, ensuring outcomes are achieved on time and meet quality standards. Maintain documentation of activities and track progress against project goals. Provide oversight and guidance to more junior team members.
• Continuous Improvement: Stay up to date with the latest cyber threats, vulnerabilities, and best practices. Proactively recommend improvements to security policies, processes and tools to enhance overall security posture.
• Communication and Reporting: Prepare clear reports and presentations on security findings and recommendations. Communicate technical information to both technical and non-technical audiences (e.g. executives or customers) in an understandable manner, to facilitate informed decision-making.
• Risk Assessments: Conduct comprehensive cybersecurity risk assessments and business impact analyses to identify vulnerabilities and evaluate potential threats. Develop risk artefacts such as plans, reports or registers and create roadmaps for safeguarding critical assets based on assessment findings.
• Compliance and Audit: Undertake compliance assessments against relevant standards, frameworks and regulations (e.g. ISM, PSPF or ISO 27001/27002). Ensure the organisation
• Meet requirements of frameworks and industry-specific regulations. Prepare for and support internal (Datacom) and external (IRAP or ANAO) audits, addressing any compliance gaps identified.
• Policy Development: Develop and update security policies, plans, standards, and procedures aligned with best practices and regulatory requirements. This includes authoring cybersecurity policy documents and process improvement artefacts to strengthen governance. Ensure that policies reflect frameworks and are communicated effectively across the organisation.
• Security Strategy and Advisory: Contribute to the creation of tailored cybersecurity strategies and governance frameworks that align with Datacom or the customer’s unique business objectives and risk appetite. Provide advice to senior management on implementing security controls and risk treatments in a pragmatic, business-aligned manner.

What You’ll Bring

• More than 5 years of hands-on experience in cybersecurity or information security roles, preferably including some time in a consulting or advisory capacity within a complex organisation or a Managed Services provider.
• Direct exposure to GRC within the Australian Government, including knowledge of the IRAP assessment process and experience in developing the supporting documentation required to attain an Authority to Operate, such as the SSP-A, SSP, SRMP, IRP and CMP.
• Practical knowledge of cybersecurity frameworks and standards. For example, familiarity with Australian government standards like the ISM, E8 and PSPF. Experience applying risk management frameworks and ensuring compliance with regulations is essential.
• Demonstrated ability to conduct security risk assessments and compliance reviews. Comfortable mapping security controls to framework requirements, identifying gaps, and recommending remediation actions. Experience developing and maintaining risk assessment material, security policies, and/or audit documentation is essential.
• Knowledge of Australian cybersecurity and privacy regulations (e.g. familiarity with the Australian Privacy Act and Notifiable Data Breaches scheme) is useful.
• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related field or equivalent work experience in a relevant discipline can be advantageous but not mandatory.
• Professional security certifications are highly valued. Certifications such as CISM, CISA, CRISC, or ISO 27001 Lead Auditor/Implementer or similar security certifications demonstrate relevant expertise. Certifications like CISSP (or Associate of CISSP), CEH, OSCP, or relevant SANS GIAC certifications (e.g. GSEC, GCIH, GPEN) are a plus. Certification in cloud security (e.g. AWS Security Specialty, CCSP) or other specialised areas is also highly regarded.
• While not mandatory, any awareness of the following international and industry standards or frameworks will be useful, while experience will be highly regarded:

o ISO/IEC 27001 - Information Security Management System (ISMS), ISO/IEC 27002 Information Security Controls, ISO/IEC 31000 Risk Management - Principles and Guidelines, and ISO/IEC 27005 Information Security Risk Management.

o National Institute of Standards and Technology (NIST) - various risk, privacy, control, configuration and audit frameworks.

o ITIL practices for IT service management (ITSM), including security operations and incident management.

o Australian Prudential Regulation Authority (APRA CPS 234) - Information Security Standard.

o Australian Privacy Act 1988 and Notifiable Data Breaches (NDB) Scheme.

o PCI DSS (Payment Card Industry Data Security Standard).

o Open Web Application Security Project (OWASP).

o MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge).

o Common Vulnerability Scoring System (CVSS).

o Zero Trust Architecture (ZTA).

o Centre for Internet (CIS) Security Critical Security Controls.

o Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM).

• Strong analytical and problem-solving capabilities with keen attention to detail. Proactive in troubleshooting security issues and adept at finding creative, practical solutions. Ability to handle multiple priorities and work under pressure during security incidents or project deadlines.
• Excellent written and verbal communication skills are essential. Able to translate technical security findings into clear, non-technical language for business leaders or customers. Strong interpersonal skills to work effectively with various Datacom or customers stakeholders, build consensus on security measures, and mentor junior team members.

Why join us here at Datacom?

Datacom is one of Australia and New Zealand’s largest suppliers of Information Technology professional services. We have managed to maintain a dynamic, agile, small business feel that is often diluted in larger organisations of our size. It's our people that give Datacom its unique culture and energy that you can feel from the moment you meet with us.

We care about our people and provide a range of perks such as social events, chill-out spaces, remote working, flexi-hours and professional development courses to name a few. You’ll have the opportunity to learn, develop your career, connect and bring your true self to work. You will be recognised and valued for your contributions and be able to do your work in a collegial, flat-structured environment.

We operate at the forefront of technology to help Australia and New Zealand’s largest enterprise organisations explore possibilities and solve their greatest challenges, so you will never run out of interesting new challenges and opportunities.

We want Datacom to be an inclusive and welcoming workplace for everyone and take pride in the steps we have taken and continue to take to make our environment fun and friendly, and our people feel supported.

Why Apply Through MisuJob?

AI-Powered Job Matching: MisuJob uses advanced artificial intelligence to analyze your skills, experience, and career goals. Our matching algorithm compares your profile against thousands of job requirements to find positions where you have the highest chance of success. This saves you hours of manual job searching and ensures you only see relevant opportunities.

One-Click Applications: Once you create your profile, applying to jobs is effortless. Your resume and cover letter are automatically tailored to highlight the most relevant experience for each position. You can apply to multiple jobs in minutes, not hours.

Career Intelligence: Beyond job matching, MisuJob provides valuable career insights. See how your skills compare to market demands, identify skill gaps to address, and understand salary benchmarks for your experience level. Make data-driven decisions about your career path.

Frequently Asked Questions

How do I apply for this position?

Click the "Register to Apply" button above to create a free MisuJob account. Once registered, you can apply with one click and track your application status in your dashboard.

Is MisuJob free for job seekers?

Yes, MisuJob is completely free for job seekers. Create your profile, get matched with jobs, and apply without any cost. We help you find your dream job without any hidden fees.

How does AI matching work?

Our AI analyzes your resume, skills, and experience to understand your professional profile. It then compares this against job requirements using natural language processing to calculate a match percentage. Higher matches mean better fit for the role.

Can I apply to jobs in other countries?

Absolutely. MisuJob features jobs from companies worldwide, including remote positions. Filter by location or look for remote opportunities to find jobs that match your preferences.

Ready to Apply?

Join thousands of job seekers using MisuJob's AI to find and apply to their dream jobs automatically.

Create Free Account Sign In
← Browse all jobs
Register to Apply