Cyber Security GRC Consultant at Leidos

Melbourne, Victoria, Australia -

Full Time

Start Date

Immediate

Expiry Date

29 Dec, 25

Salary

0.0

Posted On

30 Sep, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Cyber Security, Governance, Risk Management, Compliance, Policy Development, Vendor Security, Training, Reporting, Strategic Planning, Mentoring, Automation, Communication, Technical Expertise, Regulatory Understanding, Risk-Based Decision Making, Information Security

Industry

Defense and Space Manufacturing

Description

We’re a ‘Family Friendly’ certified workplace – we understand the often many and varied roles our team members need to play within their own unique family setting and actively support them. Our team feel Leidos is a great place to work. Learn more about our culture and benefits by visiting us here https://www.leidos.com/company/global/australia/careers Do Work That Matters Leidos Australia delivers IT and airborne solutions that protect and advance the Australian way of life. Our 2000 local experts, backed by our global experience and network of partners, are working to solve the world’s toughest challenges in government, intelligence, defence, aviation, border protection and health markets. Your New Role and Responsibilities Within the Central Processing (CP) Security team, the Cyber Security GRC Specialist plays a key leadership role in shaping and supporting our governance, risk, and compliance efforts across the CP Environment. This senior position blends technical expertise, strategic insight, and collaborative engagement to ensure our cybersecurity program meets regulatory obligations and aligns with best practices. You’ll work closely with cross-functional teams and stakeholders to uplift the organisation’s security posture and foster a culture of informed risk management. Responsibilities Governance, Policy & Compliance: Collaboratively develop, review, and maintain cybersecurity policies and processes aligned with key frameworks (e.g. NIST CSF, ISO 27001, DSPF, ISM); contribute to system authorisation activities and lead compliance initiatives, including POAM remediation. Risk Management: Facilitate enterprise risk assessments across systems, vendors, and business units; guide business impact analyses and threat modelling; support informed decision-making through clear tracking and communication of mitigation efforts. Third-Party Risk & Due Diligence: Partner with internal stakeholders to lead vendor security reviews and due diligence processes; support risk-informed vendor decisions and foster trusted third-party relationships. Awareness, Training & Reporting: Lead the design and delivery of inclusive, enterprise-wide security awareness initiatives; tailor training to diverse teams; prepare reports, dashboards, and insights for leadership and governance forums. Leadership, Strategy & Innovation: Act as a trusted advisor across the business; mentor and support junior colleagues; identify opportunities to enhance processes through automation; contribute to the ongoing evolution of the GRC function through strategic planning and collaboration. About You You’re a collaborative, solutions-oriented professional who brings both technical expertise and a people-first mindset to your work. You value working in inclusive teams, building strong relationships, and delivering meaningful outcomes. A degree in Information Security, Computer Science, Risk Management or a related field – or equivalent industry certifications. Experience in information security, including specialism in GRC. A solid understanding of security standards and frameworks, particularly in regulated environments such as Defence, and experience with the Cyber Security Assessment and Authorisation Framework. Strong communication skills – written and verbal – with experience presenting to senior leadership and translating complex ideas into clear, actionable insights. Industry-recognised certifications such as CISSP, CISA, CISM, CRISC, CGEIT, ISO 27001 Lead Implementer/Auditor, or IRAP. A strengths-based mindset, with capabilities in strategic thinking, risk-based decision making, regulatory understanding, and technical knowledge of cyber controls. A self-starter attitude with the ability to work both independently and as a supportive member of high-performing teams. This role does require the successful applicant to be an Australian Citizen and hold a NV-1 level security clearance and uplift to an NV-2 Diverse Team Members, Shared Values and a Common Purpose Providing our customers with smarter solutions takes an incredible team with diversity of thought, experience and perspectives driving innovation. Inclusion is at the heart of our culture and is one of our core values. It's about creating a workplace where everyone can do important work, feels welcome, valued, and respected, and has equal access to opportunities to thrive. Paul Chase – Chief Executive, Leidos Australia. Leidos Australia is an equal opportunities organisation and is committed to creating a truly inclusive workplace. We welcome and encourage applications from Aboriginal and Torres Strait Islanders, culturally and linguistically diverse people, people with disabilities, veterans, neurodiverse people, and people of all genders, sexualities, and age groups. Our five Advocacy Groups (Women and Allies Network, Young Professionals, Defence & Emergency Services, Action for Accessibility and Abilities and Pride+) provide an opportunity for team members to connect and collaborate on shared interests, and work to support and celebrate our diverse community. Next Steps To apply for this role, follow the links or apply via our Careers page. Recruitment process - virtual / face to face interview & background checks. Applicants may also need to meet International Traffic in Arms Regulations (ITAR) requirements. In certain circumstances this can place limitations on persons who hold dual nationality, permanent residency or are former nationals of certain countries as per ITAR 126.1. We are committed to making our recruitment process accessible to all candidates. Please contact our Careers team careers.au@au.leidos.com if you’d like to discuss any additional support during your application or throughout the recruitment process. If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares. Original Posting: For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range: The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law. Leidos Leidos is a Fortune 500® innovation company rapidly addressing the world's most vexing challenges in national security and health. The company's global workforce of 47,000 collaborates to create smarter technology solutions for customers in heavily regulated industries. Headquartered in Reston, Virginia, Leidos reported annual revenue of approximately $15.4 billion for the fiscal year ended December 29, 2023. For more information visit www.Leidos.com. Pay and Benefits Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here. Securing Your Data Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to spam.leidos@leidos.com. Commitment and Diversity All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

Responsibilities

The Cyber Security GRC Consultant will lead governance, risk, and compliance efforts within the Central Processing Security team. Responsibilities include developing cybersecurity policies, facilitating risk assessments, and leading vendor security reviews.