Governance, Risk & Resilience Consultant

Remote, Australia or New Zealand working hours
Full time
June 2026

Work directly with customers across critical infrastructure, essential services, sensitive data environments, and complex technology organisations to assess current capabilities, identify improvement opportunities, and support the implementation of practical governance, risk, and compliance programmes.

Apply for this role

Send your CV and cover letter to careers@overcyte.com

The Opportunity

This is a hands-on role for someone who enjoys helping organisations understand cyber risk, improve resilience, and achieve meaningful security outcomes.

You will work directly with customers across critical infrastructure, essential services, sensitive data environments, and complex technology organisations to assess current capabilities, identify improvement opportunities, and support the implementation of practical governance, risk, and compliance programmes.

Working closely with customers, partners, and the Overcyte team, you'll help organisations translate frameworks, standards, and regulatory obligations into actionable programmes that reduce risk and improve operational resilience.

We're looking for someone who understands that effective governance, risk, and resilience is about far more than achieving compliance.

Success requires a combination of business understanding, risk management, cyber security knowledge, stakeholder engagement, and the ability to turn complex requirements into practical outcomes.

Key Responsibilities

Governance, Risk & Compliance Assessments

• Deliver cyber security and risk maturity assessments across a range of frameworks, standards, and regulatory obligations.
• Conduct workshops, interviews, and evidence reviews with customer stakeholders.
• Assess governance structures, risk management practices, security controls, and operational resilience capabilities.
• Identify gaps, risks, improvement opportunities, and areas of non-conformance.
• Support organisations in understanding their current and target maturity states.
• Develop assessment reports, executive summaries, and prioritised recommendations.
• Assist customers in establishing practical roadmaps for improvement.
• Contribute to the continuous enhancement of Overcyte assessment methodologies and content.

Risk Management & Advisory

• Facilitate cyber risk identification, analysis, and evaluation activities.
• Assist customers in developing and maintaining cyber risk registers.
• Support the development of risk treatment plans and remediation strategies.
• Help organisations align cyber risks with enterprise risk management frameworks.
• Assist customers in defining risk appetite, risk tolerance, and risk reporting approaches.
• Provide advice on emerging threats, industry trends, and evolving risk landscapes.
• Support the development of board, executive, and operational risk reporting.
• Assist customers in improving cyber risk governance and decision-making practices.

Framework & Compliance Support

• Support customers with the implementation and ongoing management of cyber security frameworks and standards.
• Assist organisations in interpreting regulatory obligations and compliance requirements.
• Develop policies, standards, procedures, guidelines, and supporting documentation.
• Help customers establish governance processes that support sustainable compliance.
• Support evidence collection and control validation activities.
• Assist with internal readiness reviews and compliance improvement initiatives.
• Contribute to framework mapping and control rationalisation activities.
• Support continuous improvement programmes aligned to customer objectives.

Overcyte Platform Delivery

• Configure and utilise the Overcyte platform to support customer engagements.
• Assist customers in managing assessments, risks, controls, remediation actions, and reporting within the platform.
• Support onboarding, user adoption, and ongoing customer success activities.
• Help customers derive value from platform insights and reporting capabilities.
• Contribute to the development of new platform content, templates, and guidance materials.
• Identify opportunities to improve customer experience and platform outcomes.
• Provide feedback to the product team based on customer requirements and industry trends.
• Assist with demonstrations and proof-of-value activities where required.

Stakeholder Engagement & Consulting

• Build trusted relationships with customers, partners, and key stakeholders.
• Facilitate workshops and discussions with technical, operational, and executive audiences.
• Present findings, recommendations, and progress updates in a clear and practical manner.
• Support customers in prioritising activities based on risk and business objectives.
• Translate technical cyber security concepts into business-relevant language.
• Assist customers in developing realistic and achievable improvement programmes.
• Contribute to customer success, retention, and long-term value delivery.
• Support collaborative engagement across multiple customer environments.

Research, Insights & Continuous Improvement

• Maintain awareness of emerging cyber security threats, regulations, standards, and industry developments.
• Monitor changes across key frameworks and regulatory environments.
• Contribute to thought leadership, webinars, articles, and customer education initiatives.
• Assist in developing new assessment content and advisory services.
• Identify opportunities to improve methodologies, tools, and delivery approaches.
• Support knowledge sharing across the Overcyte team.
• Contribute to internal capability development and continuous improvement activities.
• Stay current with emerging technologies, cyber security trends, and resilience practices.

What We're Looking For

Essential

• 5+ years' experience in cyber security, governance, risk management, compliance, audit, consulting, or a related role.
• Strong understanding of cyber security governance and risk management principles.
• Experience conducting assessments, reviews, audits, or maturity evaluations.
• Experience developing reports, recommendations, and improvement roadmaps.
• Strong stakeholder engagement and workshop facilitation skills.
• Ability to communicate effectively with both technical and non-technical audiences.
• Strong analytical, documentation, and problem-solving capabilities.
• Strong organisational skills and ability to manage multiple engagements.
• Self-motivated, proactive, and comfortable working independently.

Highly Desirable

• Experience working with critical infrastructure or essential service organisations.
• Experience with frameworks such as NIST CSF, ISO 27001, IEC 62443, CIS Controls, AESCSF, or NCSC Minimum Cyber Security Standards.
• Experience in cyber security consulting or advisory services.
• Understanding of enterprise risk management practices.
• Experience supporting regulatory compliance programmes.
• Experience facilitating cyber risk workshops and executive discussions.
• Familiarity with GRC platforms and risk management tooling.
• Experience contributing to operational resilience or security improvement programmes.

Success Measures

Success in this role will be measured through:

• Successful delivery of customer assessments and advisory engagements.
• High levels of customer satisfaction and positive stakeholder feedback.
• Timely completion of reports, recommendations, and project deliverables.
• Improvement in customer cyber security maturity and risk management outcomes.
• Increased customer adoption and utilisation of the Overcyte platform.
• Growth in customer retention and long-term engagement opportunities.
• Contribution to the development of assessment content, frameworks, and platform capabilities.
• Positive contribution to Overcyte's reputation as a trusted cyber security and resilience partner.

Why Join Overcyte?

This is an opportunity to help shape the growth of a technology company operating in one of the most important and rapidly evolving sectors today.

You'll work directly with organisations responsible for delivering essential services, managing sensitive information, and operating complex technology environments. You'll help customers understand cyber risk, improve resilience, and make more informed decisions.

We're building a platform designed to simplify cyber governance, risk management, compliance, and resilience activities while delivering meaningful outcomes for our customers. As a growing business, every contribution has a direct impact.

We're looking for someone who enjoys solving problems, working with customers, learning continuously, and making a measurable difference.

Working Arrangement

• Full-time employee position.
• ANZ working hours.
• Remote working available.
• Opportunity to grow alongside the business as Overcyte expands.
