This website uses cookies to ensure you get the best experience.

Cognisys and our selected partners use cookies and similar technologies (together “cookies”) that are necessary to present this website, and to ensure you get the best experience of it. If you consent to it, we will also use cookies for analytics purposes.

See our Cookie Policy to read more about the cookies we set.

You can withdraw and manage your consent at any time, by clicking “Manage cookies” at the bottom of each website page.

Select which cookies you accept

On this site, we always set cookies that are strictly necessary, meaning they are necessary for the site to function properly.

If you consent to it, we will also set other types of cookies. You can provide or withdraw your consent to the different types of cookies using the toggles below. You can change or withdraw your consent at any time, by clicking the link “Manage Cookies”, which is always available at the bottom of the site.

To learn more about what the different types of cookies do, how your data is used when they are set etc, see our Cookie Policy.

These cookies are necessary to make the site work properly, and are always set when you visit the site.

Vendors Teamtailor

These cookies collect information to help us understand how the site is being used.

Vendors Teamtailor
Skip to main content
Governance, Risk and Compliance (GRC) · Australia · Hybrid

Information Security Consultant

Location: Sydney Australia, Hybrid 

Salary: A$120-138k per annum plus benefits 


We have an exciting opportunity to join our GRC (Governance, Risk and Compliance) team, based partly in our Sydney based office and partly remote, as an Information Security Consultant, at a time of rapid growth and innovation at Cognisys.

Cognisys is a leading cybersecurity company specialising in Penetration Testing, GRC Consulting and Managed Security services. We pride ourselves on our customer service, forward-thinking approach, and commitment to excellence. Our small but mighty team works with some of the best-known companies in the world, covering over 30 countries worldwide!

About the Role

This role will be an early role for our global GRC team in Australia! This is a client-facing, delivery-focused role suited to a security and compliance professional who is confident supporting engagements and contributing high-quality advisory services.

As an Information Security Consultant, you will support the delivery of GRC engagements across a range of clients and industries. You will help translate regulatory and framework requirements into practical, business-aligned solutions and work collaboratively with senior consultants and client stakeholders to drive measurable improvements in governance, risk, and compliance.

This role suits someone with strong foundational GRC knowledge, growing consulting experience, and a desire to develop into a trusted security advisor.

You’ll support and deliver a variety of cybersecurity governance, risk, and compliance engagements from ISO27001 and SOC2 consultancy and internal audits to broader regulatory and standards-based frameworks, including ISO42001, PCI-DSS, GDPR, and other emerging or bespoke requirements. 

Key Responsibilities

Client Delivery & Support

  • Support the delivery of GRC consulting engagements across multiple clients and sectors.

  • Contribute to security posture assessments, gap analyses, and maturity reviews.

  • Assist in the design and implementation of GRC programmes aligned to frameworks such as ISO 27001, SOC 2, NIST, and related standards.

  • Support clients through audit preparation, certification processes, and external assessments.

  • Develop remediation plans and assist clients in tracking progress against agreed actions.

  • Participate and lead in client workshops, risk assessments, and stakeholder sessions.

Advisory & Technical Contribution

  • Support the interpretation of security standards and regulations, translating requirements into practical recommendations.

  • Lead in the development of policies, procedures, risk registers, control frameworks, and governance documentation.

  • Contribute to the design and documentation of security controls and operating models.

  • Help embed compliance activities into operational and technical processes.

  • Conduct risk assessments and maintain supporting documentation.

Quality & Professional Standards

  • Produce high-quality client deliverables with clarity, accuracy, and consistency.

  • Follow established methodologies, templates, and internal quality standards.

  • Proactively identify areas for improvement within engagements.

  • Manage assigned tasks effectively to meet deadlines and scope expectations.

Requirements

  • 2–5 years’ experience in security, risk, compliance, or GRC-related roles.

  • Practical experience with at least one framework such as ISO 27001, SOC 2, NIST, or similar standards.

  • Experience supporting compliance or assurance initiatives (internal or client-facing).

  • Strong written and verbal communication skills.

  • Ability to manage multiple priorities in a structured and organised manner.

  • Analytical mindset with a pragmatic approach to problem solving.

  • Comfortable working with both technical and non-technical stakeholders.

  • Represent the company professionally at all times, delivering high standards of client service.

  • Undertake occasional travel to client sites as needed.

  • External consulting experience is preferred but not essential.

  • Experience with GRC platforms including Vanta is desirable.

What We Offer

  • Annual Leave: 22 days per year, plus public holidays.

  • Additional Leave: 1 day of paid leave on your Birthday!

  • Health & Wellbeing: Access to our Employee Mental Health and Wellbeing platform.

  • Professional Development: £2,000 annual training budget to support your continued learning and career growth.

  • A dynamic and supportive work environment where customer care and innovation drive everything we do.

  • Refer a friend bonus scheme, up to £2,000!

Why Join Us?

At Cognisys, you will be part of a collaborative and innovative team that values your input and shares support. You'll have the opportunity to work on challenging projects that make a real impact on our clients. We'd love to hear from you if you want to challenge, lead and innovate!

We're not just about the work; we're about the people. Join a team where innovation is celebrated and your contributions are valued. We foster a collaborative environment where fresh ideas thrive and professional growth is encouraged.

Applications

Please feel free to reach out to Kath, our Head of People & Culture, if you would like any further information, to discuss accessibility requirements, or if you require this information provided in an alternative format – kath.connell@cognisys.group

We welcome applications from candidates from diverse backgrounds and can make various reasonable adjustments to accommodate individual needs.

NO RECRUITMENT AGENCIES PLEASE

Department
Governance, Risk and Compliance (GRC)
Role
Information Security Consultant
Locations
Australia
Remote status
Hybrid
Picture of Kath Connell
Contact Kath Connell Head of People & Culture – Human Resources

Colleagues

Picture of Steve Byrom
Steve Byrom
Chief Revenue Officer
Governance, Risk and Compliance (GRC) · Australia · Hybrid

Information Security Consultant

Loading application form

Already working at Cognisys?

Let’s recruit together and find your next colleague.

Applicant tracking system by Teamtailor