Senior Information Security Consultant

Location: Australia, Sydney
Salary: A$165-185k per annum plus benefits

We have an exciting opportunity to join our GRC (Governance, Risk and Compliance) team, based partly in our Sydney-based office and partly remote, as a Senior Information Security Consultant, at a time of rapid growth and innovation at Cognisys.

Cognisys is a leading cybersecurity company specialising in Penetration Testing, GRC Consulting, and Managed Security services. We pride ourselves on our customer service, forward-thinking approach, and commitment to excellence. Our small but mighty team works with some of the best-known companies in the world, covering over 30 countries worldwide!

About the Role

This role will be our first boots-on-the-ground GRC team role in Australia! This is a pivotal role for someone who thrives in a fast-paced environment, solving complex problems at speed and working directly with clients to deliver high-value outcomes. You will be managing a growing portfolio of clients as part of our wider GRC delivery team.

You’ll lead and deliver a variety of cybersecurity governance, risk, and compliance engagements, from ISO27001 and SOC2 consultancy and internal audits to broader regulatory and standards-based frameworks, including ISO42001, PCI-DSS, GDPR, and other emerging or bespoke requirements. You will have the exposure and capability to manage client-specific projects to ensure we deliver in line with client expectations.

You will shape our consulting methodologies and over time mentor junior consultants, playing a key role in scaling our capability as the company grows. You’ll need to be a confident communicator who can engage with C-level stakeholders, translate complex frameworks into clear guidance, and apply strategic thinking to deliver exceptional results.

Key Responsibilities

- Lead and deliver a range of client engagements, including readiness assessments, internal audits, and ongoing advisory work across multiple frameworks.
- Act as a trusted advisor, providing expert guidance on ISO27001, SOC2, and other standards or regulatory requirements such as GDPR, PCI-DSS, ISO42001, NIST CSF, ISO22301, DORA, and NIS2.
- Rapidly understand new or bespoke frameworks/regulations and apply a logical, intelligent approach to consultancy and audit delivery.
- Manage and develop a team of consultants, including:
  - Mentoring, training, and supporting junior team members.
  - Conducting performance reviews and supporting career development.
- Lead client workshops and present findings, strategies, and recommendations to executive and senior leadership teams.
- Drive continuous improvement of internal processes, methodologies, and service delivery.
- Represent the company professionally at all times, acting as a role model for the team and maintaining high standards of client service.
- Undertake occasional travel to client sites as needed.

Requirements

We’re looking for someone who’s not only highly skilled but also adaptable, proactive, and driven by solving problems. You’ll bring a balance of technical expertise and strategic thinking, able to quickly make sense of new requirements and deliver exceptional outcomes in a rapidly changing environment.

Essential Attributes:

- Proven experience delivering cyber GRC consultancy and audit services, ideally across multiple frameworks.
- Strong working knowledge of ISO27001 and SOC2.
- Ability to quickly understand and apply new frameworks or regulatory requirements.
- Exceptional problem-solving skills and the ability to think critically under pressure.
- Excellent client-facing skills, including the ability to lead workshops and engage with C-suite stakeholders.
- Strong leadership skills with experience mentoring or managing teams.
- Organised, able to manage shifting priorities, and comfortable working at pace.
- Excellent verbal and written communication skills.

Desirable:

- Experience in data protection or PCI engagements.
- Relevant certifications such as CISA, CISM, CISSP, ISO Lead Auditor, or PCI QSA.
- Exposure to industry-specific compliance frameworks (e.g., financial services, healthcare).

What We Offer

- Annual Leave: 22 days per year plus relevant state public holidays.
- Additional Leave: 1 day of paid leave for your Birthday.
- Superannuation: Statutory Superannuation contributions paid in addition to base salary.
- Health & Wellbeing: Access to our Employee Mental Health and Wellbeing platform.
- Professional Development: £2,000 annual training budget to support your continued learning and career growth.
- Referral Bonus: help to grow our team and earn up to £2,000 per successful referral.

Why Join Us?

You'll have the opportunity to work on challenging projects that make a real impact for our clients. We'd love to hear from you if you want to challenge, lead and innovate!

We're not just about the work; we're about the people. Join a team where innovation is celebrated, and your contributions are valued. We foster a collaborative environment where fresh ideas thrive and professional growth is encouraged.

Applications

Please feel free to reach out to Kath, our Head of People & Culture, if you would like any further information, to discuss accessibility requirements, or if you require this information provided in an alternative format – [email protected]

Please note - We’re always happy to help with questions, but to keep our process fair for everyone, we’re unable to accept applications via email. Please apply directly through the job advert page.

We welcome applications from candidates from diverse backgrounds and can make various reasonable adjustments to accommodate individual needs.

NO RECRUITMENT AGENCIES PLEASE

Department: Governance, Risk and Compliance (GRC)
Role: Senior GRC Consultant
Locations: Australia
Remote status: Hybrid