Assessment and Authorisation - GRC (NV1)

Role Title
Security Assessment and Authorisation (A&A) Consultant
Location
Canberra, Melbourne, Sydney
Working Arrangement
Full-time, onsite 5 days per week
Clearance required
Current Baseline Security Clearance with willingness to upgrade to NV1

Job Description
Our client is seeking a Security Assessment and Authorisation (A&A) consultant to perform security risk management and assurance activities across systems, applications, and third-party services. This role ensures systems meet required security standards, risks are assessed and documented, and appropriate Authority to Operate (ATO) is obtained and maintained. You will work closely with system owners, architects, project teams, cybersecurity specialists, and compliance stakeholders to guide them through the A&A lifecycle and ensure alignment with organisational, regulatory, and Australian Government frameworks.

Duties and Responsibilities

• Conduct risk assessments to identify, evaluate, and mitigate security risks across projects and operational environments
• Facilitate risk workshops with stakeholders to capture and validate security risks
• Monitor and report on risk status, treatment progress, and residual risk
• Execute system security authorisation processes in accordance with ISM and client security requirements
• Prepare and maintain risk assessments and accreditation documentation
• Ensure compliance with ISM, Essential Eight, and department-specific security controls
• Develop and maintain security documentation (policies, procedures, incident response plans)
• Liaise with Authorising Officers, system owners, and project teams
• Support establishment and management of GRC tooling and continuous monitoring activities

Education/Certifications required

• Bachelor's degree in Cybersecurity, Information Technology, or related field
• Certifications such as CISM, CRISC, CISSP, IRAP Assessor preferred

Knowledge/Skills required

• Strong understanding of PSPF, ISM, and NIST cybersecurity principles
• Knowledge of Essential Eight requirements for classified information
• Experience with security documentation and accreditation packages
• Excellent documentation and organisational skills
• Familiarity with collaboration tools (SharePoint, Confluence) and GRC platforms
• Strong communication skills for stakeholder engagement

Employment benefits

• 18 weeks paid parental leave
• Career break opportunities
• Structured career development program
• Local and international career opportunities
• Flexible work arrangements

Diversity and Inclusion
We recognise that our people are multi-dimensional, and we create a work environment where all people feel like they can bring their authentic selves to work, every day. Our unwavering commitment to inclusion and diversity unleashes innovation and creates a culture where everyone feels they have equal opportunity. We encourage applications from all people and are committed to removing barriers to the recruitment process and employee lifecycle.

Veterans
Defence and Federal Government industry experience is highly desirable. We strongly encourage veterans and individuals with Defence experience to apply. Your unique skills and background are highly valued, and we are committed to supporting your transition into this role.

About Cleared
At Cleared, we provide tailored recruitment solutions to individuals seeking their next opportunity and to organisations searching for talent within Defence Industry, Intelligence and National Security.