Security Compliance consultant - AGSVA Cleared

Location: Melbourne
Discipline: Security Cleared Resources
Job type: Full Time
Salary: AU$100000 - AU$140000 per annum
Contact name: Tyler Dennis

Contact email: tylerd@thenetworkit.com
Job ref: BBBH10246_1765260457
Published: 1 day ago
Start date: February 2026

Security Compliance consultant


5 Days Onsite
Baseline Clearance (NV1 upgrade available)
Major Multi-Year Defence Program



About the Role
We are seeking an experienced Security Consultant with strong Assessment & Authorisation (A&A) skills in security risk management, compliance, and accreditation within secure and Defence-aligned environments. You will support the end-to-end A&A lifecycle across systems, applications, and services, ensuring alignment to government security frameworks, organisational policies, and regulatory requirements. This includes conducting risk assessments, developing accreditation documentation, and supporting the attainment and maintenance of Authority to Operate (ATO).


Working closely with system owners, architects, cybersecurity specialists, and project teams, you will guide stakeholders through governance, compliance, and risk processes, ensuring security controls are appropriately implemented and evidenced. This role is ideal for someone who thrives in structured assurance environments, understands secure system design principles, and can translate both technical and operational requirements into clear, actionable security outcomes.



Key Responsibilities

  • Conduct and validate security risk assessments across project and operational environments, ensuring risks are appropriately documented, assessed, and mitigated.
  • Facilitate security and risk workshops with stakeholders to capture, analyse, and validate threat scenarios and treatment options.
  • Develop, maintain, and update accreditation documentation, including Security Risk Assessments, System Security Plans, and supporting A&A artefacts.
  • Execute Assessment & Authorisation processes in alignment with the ISM, PSPF, and relevant Risk Management Framework (RMF) steps.
  • Ensure compliance with governance, identification, protection, detection, and response security control families.
  • Support project delivery teams by tracking risk treatments, documenting residual risks, and reporting risk posture to governance bodies.
  • Assist with day-to-day coordination of program activities, including schedules, deliverables, risks, and issues.
  • Develop and maintain security policies, procedures, incident response documentation, and other compliance artefacts.
  • Maintain accurate and audit-ready records relating to authorisations, exceptions, assessments, and security evidence.
  • Provide security guidance on ISM, Essential Eight, and organisational control requirements throughout the system lifecycle.
  • Support the establishment and ongoing management of GRC (Governance, Risk & Compliance) tooling and reporting processes.
  • Track, monitor, and report on accreditation status, documentation progress, compliance gaps, and continuous monitoring activities.
  • Liaise with Authorising Officers, system owners, technical teams, and project stakeholders to ensure security outcomes are clearly understood and met.

Experience

  • Typically, 5-7+ years in security assurance, risk management, compliance, or accreditation roles within complex ICT environments.
  • Demonstrated experience interpreting and applying the ISM, PSPF, and NIST cybersecurity principles.
  • Experience preparing and managing accreditation packages and associated security documentation.
  • Experience working in Defence, Government, or other regulated sectors is highly advantageous.

Technical Expertise

  • Strong understanding of risk assessment methodologies and security control frameworks.
  • Knowledge of Essential Eight uplift requirements for classified information systems.
  • Ability to evaluate security controls, document evidence, and perform control effectiveness assessments.
  • Familiarity with GRC platforms and collaboration tools such as SharePoint and Confluence.

Soft Skills

  • Excellent written and verbal communication skills, capable of engaging technical and non-technical stakeholders.
  • Strong analytical and problem-solving skills in structured and compliance-driven environments.
  • Ability to work collaboratively across multidisciplinary teams while managing competing priorities.
  • Highly organised, detail-oriented, and proactive.


Desirable Qualifications

  • Certifications such as CISM, CRISC, CISSP, IRAP Assessor, or equivalent security accreditation credentials.
  • Prior experience working within Defence, National Security, or PSPF/ISM-regulated environments.
  • Understanding of secure system design, cross-domain environments, or data-centric security principles.


Security Clearance

  • Current Baseline Clearance with willingness to upgrade to NV1.
  • Australian Citizens who are eligible to obtain a security clearance will also be considered.
  • Must be willing to work onsite 5 days per week in a secure Defence environment.