QUALIFICATIONS & EXPERIENCE

• Tertiary qualifications in cybersecurity or similar technology discipline or agreed equivalent experience.
• Industry-recognized security certifications such as SABSA, CISSP, CISA, CISM, CRISC, SANS or similar.
• Previous advisory and consulting experience in relation to cybersecurity engagements.
• Knowledge of cybersecurity and/or risk assessment standards and frameworks (NIST, ISO27001, APRA, ASD ISM, PCI-DSS).
• Demonstrated knowledge of cloud infrastructure security practices (AWS/Azure).
• 3-6 years’ of cybersecurity experience preferrable with exposure to consulting-related activities.
• High-level written and spoken English language skills. The role requires extensive report writing, so fluency, accuracy and excellent written and verbal skills are a must.
• The ability to work on multiple clients matters at one time.
• The ability at to work with limited supervision.
• A track record of collaborating effectively with other team members in time sensitive situations.
• A strong work ethic and integrity and high level of professionalism.
• Travel to FTI Consulting’s interstate and/or client locations as required.

ABOUT THE ROLE

FTI Consulting is the number one global expert firm for organisations facing crisis, transformation and moments of truth. The Cybersecurity Practice within FTI Consulting is a leading provider of independent cybersecurity and risk management advisory services with a core offering focused on (but not limited to) Cyber Readiness, Incident Response and Complex Investigations & Litigation Support:
We are seeking to appoint a Senior Consultant (3-6 years’ experience with Aust citizen or PR status) to our cybersecurity practice. This is a full-time role offering excellent career opportunities and professional development for your future progression within the firm.

WHAT YOU’LL DO

Work with clients to provide strategic and tactical advice that enhance our clients’ cybersecurity posture:

• Support the design and development of cybersecurity strategies and cyber maturity roadmaps.
• Create and update information security policy frameworks.
• Perform cybersecurity current state assessments, assessing the effectiveness of cybersecurity processes/controls and risks against best practice frameworks such as ISO27000 series, NIST CSF, AESCSF, E8 and other regulatory compliance frameworks.
• Write reports and findings on cyber security maturity, gap assessments and remediation plans, framework and compliance to standards
• Contribute to establishing risk management plans, such as SOCI Critical Infrastructure Risk Management Program (CIRMP).
• Establish and support the delivery of cybersecurity risk management remediation reports and delivery outcomes.
• Develop security awareness plans to form part of an overall Education and Awareness program, based on current and relevant cyber threats and risks.
• Perform threat modelling and risk assessments to identify security risks, vulnerabilities, and risk mitigation strategies.
• Conduct security architecture assessments assessing the completeness and effectiveness of security controls, identifying security control gaps, security weaknesses and potential attack vectors.
• Perform third-party security risk assessments and support the implementation of third-party risk management programs.
• Assist in the planning of client deliverables (i.e. security strategy, risk assessments, policies & standards, scope documents and reports).
• Participate in post incident reviews and post data breach related investigations into the strategic root cause of incidents.

How You’ll Grow
This is an excellent opportunity for a person with proven, hands-on cybersecurity experience to join a dynamic and growing cybersecurity team. With the ever-evolving cybersecurity landscape, the need for continuous professional development remains at the forefront of the quality of our team and is wholly supported.
We are committed to investing and supporting you in your professional development and we aim to promote continuous learning and individual skills development through on-the-job learning, self-guided professional development courses and certifications.