Cyber Security GRC

C4i Solutions is a leading Technology, ICT, and Digital Solutions company, delivering real outcomes for our Defence, Government, and Industry partners. We're growing and we're looking for great people who share our values, believe in our mission, and care about what they do. People who value teamwork, take pride in their work, and want to make an impact.

About the Role:

As a Cyber Security GRC professional in C4i Solutions, you will be responsible for supporting the delivery of secure and compliant outcomes across Defence and government programs. You will bring strong expertise in ICT Assessment and Authorisation (A&A), risk management, and security assurance, with a solid understanding of frameworks such as ISM, PSPF, DSPF, and NIST. In this role, you will work closely with stakeholders to provide risk-based cyber security advice, support accreditation activities, and ensure alignment between operational requirements and regulatory obligations. You will play a key role in developing security documentation, conducting risk assessments, and embedding governance practices that strengthen cyber maturity and resilience.

The ideal candidate will have experience operating in complex, mission-critical environments, with the ability to influence stakeholders, drive compliance outcomes, and deliver practical, fit-for-purpose security solutions in a fast-paced Defence context. The role is located in Adelaide.

• Managing cyber security governance and compliance frameworks, including ISM, PSPF, DSPF, and Essential Eight (E8) requirements, within the overarching Defence CyberWorthiness System (DCwS).
• Leading Cyber Security Assessment and Authorisation Framework (CSAAF) processes to achieve Authority to Operate (ATO) for Defence systems.
• Engaging effectively with Defence stakeholders and decision-makers to support ATO workflows and outcomes.
• Developing and maintaining core security artefacts in alignment with CSAAF requirements, including SAP, BIL and E8 assessments, SSP, SSP-A, SRMP, IRP, CMP, SCCG, and POA&M.
• Leading and driving continuous improvement in cyber security governance, policy development, and best practice implementation.
• Risk management, encompassing risk identification, mitigation strategies, and reporting within Defence information environments.
• Operate within Defence networks and system security, including integration into the Single Information Environment, acceptance into service, and transition to sustainment of Defence capabilities and systems.

• Australian citizen (required for Defence projects) with a min AGSVA NV2 clearance.
• Bachelor's degree in Cyber Security, Information Technology, or related field (or equivalent experience) and;
• A relevant certification such as CISSP, CISM or ISO27001-Lead Auditor, SANS 401.
• IRAP qualified (Preferred).
• A min of 5 year's experience within a Defence classified ICT environment.
• Be willing to work as part of an on-call roster on a periodic basis.
• Strong analytical and reporting skills.
• Excellent communication and stakeholder engagement skills Ability to work in high-pressure, secure ICT environments.

If you're looking for a workplace where your skills, experience, and dedication are genuinely valued we'd love to hear from you. We are a close-knit team of veterans, problem-solvers, tech heads, dads, mums, soccer coaches, and weekend adventurers who love what we do, like to have a bit of fun, and don't take ourselves too seriously. What brings us together is a passion for doing great work that makes a real difference to those who serve.

If this sounds like your kind of team, apply now. We'd love to hear from you.

www.C4isolutions.com.au