Cyber Security GRC Consultant

Description

GEO SPACES - Cyber Governance Risk and Compliance - various levels

• Join Leidos & work on AGO GEO SPACES mission critical networks
• GEO SPACES Cyber Governance Risk and Compliance (GRC) (various levels)
• Minimum NV2 willing to uplift to TSPV + DISA, located in Canberra

Due to the nature of the role, you must be an Australian Citizen who holds an active NV2 & be willing to uplift to TSPV security clearance; accompanied by the ability to be successful for a DISA/OSA.

Do Work That Matters

The GEO SPACES GRC roles are identified as a Key Governance Role in the Information System Security Management Plan under the GEO SPACES contract.

These roles will report directly to the GEO SPACES GRC Team Lead and be capable of operating independently within the scope of their duties which include:

Your New Role and Responsibilities

• Engagement with key Defence and ASD stakeholders, including internal project management, Assessment Authority representatives, security service providers, other internal IT security personnel and business owners.
• Provide advice across a broad spectrum of IT Security matters including IT security system requirements, secure design, implementation in accordance with system authorisations, change approvals and risk mitigation strategies.
• Engage with a broader GRC team to ensure IT security risks associated with integrated enterprise mission systems are being managed end to end.
• Engage with the existing Security Operations team to ensure their interests are represented throughout the system lifecycle and GRC and Security Operations are operating in a cohesive and complimentary manner.
• Consideration of and alignment with project schedules such that the assessment and authorisation effort supports the business requirement to operate the subject system(s)
• Identification, validation and or advocacy for security requirements (functional or non-functional) and dependencies associated with system delivery, transition into service or ongoing sustainment
• Development of an Authorisation Plan detailing the elements above with the necessary activities, artefacts and stakeholder contributions required to complete the certification and accreditation process for assigned projects
• Ownership for the execution of the Authorisation Plan with reporting as required by the business, project, Assessment Authority or other interested stakeholders
• Ownership for the ongoing maintenance of IT security artifacts during sustainment, and oversight and support for the ongoing compliance of the subject systems to Authorised baselines.

What You'll Bring to Make An Impact

• Current knowledge of and experience with the Australian Government Protective Security Policy Framework (PSPF), Information Security Manual (ISM) and Defence Securities Principles Framework (DSPF).
• Knowledge of security policy and procedure writing, including the core artefacts of the ATO process i.e. SSP, SSP-A, SRMP, CMP, IRP.
• Experience of conducting assessments for Authority to Operate, or experience with systems being assessed including IRAP assessments. Ideally, you will have experience providing this in a Defence or Intelligence context.
• Experience working with public cloud (AWS preferred) and on-premises enterprise networks.

• Experience working with systems used to manage large volumes of non-standard data formats and the IT security challenges these conditions introduce.
• Experience working within Defence and ASD system authorisation frameworks for systems at all classification levels.
• An ability to advocate for security and compliance requirements within the project and advocate for the project's approach with external stakeholders is necessary
• An ability to communicate sensitive matters respectfully and professionally, enabling decision-makers to understand the security implications of their choices before delivering their decisions
• An ability to prioritise the importance of security and compliance matters in the context of the subject platform or system is required in consultation and support of Security Engineers, Security Testers or other external stakeholders.

Additional information

Leidos are looking to fill multiple roles across various levels of experience. It is expected that the minimum level of experience will be two years in a similar position with more senior roles requiring 10+ years.

Due to the nature of the role, you must be an Australian Citizen who holds an active NV2 & be willing to uplift to TSPV security clearance; accompanied by the ability to be successful for a DISA/OSA.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares.

Original Posting:

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.

Securing Your Data

Beware of fake employment opportunities using Leidos' name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system - never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com.

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

Client-provided location(s): Canberra, Australia

Job ID: Leidos-R-00177651

Employment Type: FULL_TIME

Posted: 2026-03-06T19:03:36