This is a pivotal role for a results-driven professional to elevate an organisation’s cyber security risk maturity. The focus is on execution, delivering outcomes, and driving substantial progress across cyber security risk initiatives.
Company: We are partnering with a globally recognised and highly respected Australian enterprise, offering you the opportunity to join a leading GRC team and make a lasting impact on your career.
The Role: As the Cyber Security Risk Manager, you’ll play a critical role in identifying, assessing, and mitigating risks, while leading initiatives that enhance resilience and cyber security risk management practices. We need a results-driven, hands-on leader who can translate strategy into action, ensuring risks are managed effectively and progress is measurable.
The organisation’s current cyber security maturity stands at 2.8, with an ambitious goal to reach level 4 across the enterprise. Your expertise in understanding what a mature cyber risk function looks like and your ability to thrive in a challenging, growth-focused environment will be key to your success.
Key Responsibilities:
- Shape, execute, and continuously refine cyber security risk management aligned with the enterprise risk framework.
- Oversee the cyber security risk register, ensuring risks are identified, assessed, and remediated effectively.
- Develop practical mitigation strategies, track effectiveness with measurable KPIs, and ensure alignment with business objectives.
- Deliver and manage vendor security risk programs, including assessments, contractual requirements, and continuous monitoring.
- Drive comprehensive maturity assessments and establish improvements based on findings.
- Prepare and present actionable risk updates to senior leadership and governance forums, ensuring visibility of progress and challenges.
- Optimise metrics dashboards to monitor and improve risk management performance continuously.
Experience required:
- 6+ years of specialised cyber security risk management experience.
- Technical knowledge and familiarity with GRC security tools
- Strong understanding of frameworks like ISO 27001, NIST, and risk management methodologies.
- Strong stakeholder management and presenting skills to senior leadership.
- Ability to drive initiatives to completion in a dynamic environment.
- Certifications such as CISM, CISSP, CRISC, or related.
Benefits:
- Be part of an organisation that values collaboration and innovation
- Location: Sydney / Flexible WFH (2 days in office)
- High-performing, well-respected cyber team with a strong culture.
- Career development and growth opportunities
- Permanent Position: $180,000 - $220,000 package + bonus
This role is not just about managing risks—it’s about delivering a measurable leap in cyber security maturity. If you thrive in environments that require both strategic vision and hands-on execution, this is an opportunity to make a lasting impact.
How to apply: Click apply or submit your CV to Jasmine McCrudden - jasmine@decipherbureau.com