Cyber GRC Manager (PSTV Cleared) (Canberra)

Cyber GRC Manager (PV Cleared)
- Canberra (On-site 5 days per week) | Permanent Want to lead Authority to Operate (ATO) outcomes and lift cyber maturity in an environment where security actually matters? Would you like to grow a team of 4 GRC Analysts to 7 and be part of a growing workplace? We are partnering with a highly regarded organisation in the Government & Defence sector to recruit a Cyber GRC Manager in Canberra. This is a permanent, on-site role working closely with senior cyber leadership, driving governance, risk, compliance and security authorisation across complex systems. Why you'll want this role
- High-impact work: Own and lead security authorisation activities supporting Government ATO processes.
- Leadership & influence: Report into senior cyber leadership and guide a dedicated GRC function (direct report included).
- Maturity uplift focus: Drive implementation and continuous improvement aligned to Government security frameworks.
- Variety: Influence greenfield initiatives and modernisation of legacy systems.
- Growth: Robust emphasis on mentoring and self-directed learning in a small, capable cyber team.
- Permanent prospect: Long-term stability in a highly regulated environment. The role (what you'll be doing)
- Owning security authorisation documentation (e.g., System Security Plans, Security Risk Management Plans, Cyber Incident Response Plans) for ATO.
- Leading implementation and uplift across frameworks/standards such as ISM, PSPF, ASD Essential Eight, NIST (and similar).
- Running and leading cyber security risk assessments, with pragmatic risk treatment strategies.
- Acting as a trusted SME across stakeholders with varying technical depth, including executive-level briefings.
- Partnering with IT and delivery teams to embed security into infrastructure, projects, and enterprise applications. What you'll bring
- Australian Citizenship (and eligible to maintain PV clearance requirements)
- AGSVA Positive Vetting clearance (Current, active or recently deactivated within the past 2 months)
- Strong experience in cyber security / GRC (typically 7+ years in cyber/GRC-focused roles)
- Solid working knowledge of PSPF, ISM, ASD Essential Eight (and/or NIST)
- Proven stakeholder management across a complex, regulated environment Nice-to-haves
- Exposure to ISO 27000 series, NIST 800 series, CIS controls, etc. Please note Canberra-based candidates with full time work rights or people already willing to relocate only will be considered for this role as it is a requirement for this position and no sponsorship is on offer. Candidates from all backgrounds are welcome to apply too. Please feel free to also send a CV to , our Principal IT Consultant for Data, AI and Cyber, thanks. #J-18808-Ljbffr Apply on Kit Job: kitjobau.com/job/3rr2u2