Start Date: ASAP

Length: 6 months - good chance of extension

Daily Rate: $850 - $950 incl Super

Location: Sydney CBD / WFH Hybrid

About You:

• Extensive experience in security risk management, including maintaining risk registers, supporting assessments, and delivering executive-level reporting and data-driven insights.
• Skilled in developing and implementing security risk reporting frameworks and cyber risk quantification techniques (e.g. FAIR), with a solid grasp of PSPF, E8, and other government reporting requirements.
• Strong technical capabilities in risk assessment methodologies, security controls, and compensating controls, with proficiency in tools such as PowerBI.
• Excellent communication and stakeholder engagement skills, with the ability to craft and present clear, executive-level reports and recommendations.
• Highly analytical and detail-oriented, with a strong focus on metrics, data quality, and visual reporting design to support informed decision-making.
• Collaborative and adaptable team player, able to balance multiple tasks, work cross-functionally, and apply a risk-based, business-aligned approach to security.

About The Role:

• Lead the development and maintenance of security risk management processes, including risk registers, assessments, policy exceptions, and exemptions.
• Ensure end-to-end risk analysis and reporting by collaborating across security domains and broader business units such as Technology, PMO, People & Culture, and Procurement.
• Manage security metrics and reporting, including government compliance (e.g., PSPF, E8), and implement cyber risk quantification capabilities.
• Deliver executive-level reporting and insights, supporting the CISO with strategic updates, executive papers, and data-driven metrics.