The work we do matters

We protect and defend our customers and communities by providing the most comprehensive range of cyber security professional services in the region. With more than 1,400 team members across Australia, New Zealand, the UK and US, we are a leading force in cyber security, offering services from strategy, GRC, managed security services, cloud security, digital forensics and cyber education. If you're ready to work with teammates that get you, a leader that supports you and customers that need you, then you're ready for CyberCX.

How you will make an impact

Deliver AI (Artificial Intelligence) governance, risk, and control design services to CyberCX customers as they adopt Generative AI and ML (Machine Learning) by translating technical architectures into practical, enforceable risk and control models.

Day to day you will:

• Deliver Secure AI strategy and risk consulting projects
• Lead complex projects where scope may be unclear, educate clients on AI use cases and ensure well defined business case ROI is documented
• Conduct high level business analysis workshops and deep dives to identify security risks and concerns
• Conduct AI and model risk assessments across GenAI and ML workloads
• Map technical controls across AI models, platforms, and deployment pipelines
• Assess and define controls covering data ingestion, training, inference, and outputs
• Evaluate security and risk across AI infrastructure, MLOps, and GenAIOps pipelines
• Translate AI architectures into actionable risk, control, and assurance artefacts
• Align technical controls to security, risk, and regulatory frameworks
• Support clients in operationalising AI governance and control models
• Contribute to repeatable Secure AI risk frameworks, templates, and documentation

Skills & Qualifications

• 5+ years in technology risk, cyber security, or technical consulting delivering client-facing consulting or assurance engagements
• Strong understanding of AI/ML and Generative AI architectures
• Experience mapping technical security controls, not just process controls
• Ability to assess and clearly communicate complex risk across models, data, and infrastructure to customers
• Strong written and verbal communication skills, including visualising consulting outputs in written, graphical and diagram (e.g. Visio, PowerPoint, Word)

Please note that due to the nature of this role, it is a mandatory requirement that all applicants have full working rights in Australia or New Zealand.

Great advantages for great people

A salary package that recognises your experience plus a range of advantages (just some of which are listed below – ask us for a benefits brochure).

• Flexible working in a hybrid arrangement (a blend of office and WFH) with modern and comfortable workplaces that accommodate different working styles
• All the usual leave entitlements plus additional paid leave options (including a day off for your birthday) and the chance to purchase extra leave each year
• Salary packaging options (such as a novated car lease)
• Health & Wellbeing program including access to our employee assistance service, mental wellness leave, online CyberCX Wellbeing Centre and workplace mental health first aiders
• Discounts on health insurance and gym membership plus savings on everyday groceries, electronics, technology, fuel, travel and more
• Personalised development planning, access to training and membership to industry organisations
• Employee interest groups and communities including a comprehensive Women in Cyber program
• A comprehensive reward and recognition program – with a special thank you every year on your anniversary!

Be yourself. We embrace diverse perspectives, experiences, and backgrounds. Please let us know if you require support or adjustments to assist with your recruitment experience.

We take security seriously. We require all employees to complete background checks (including police and global sanction list checks) annually.

Where appropriate, the CyberCX Talent Team will work with our preferred panel of agencies. Fees will not be paid for unsolicited resumes that are submitted directly to hiring managers and not through our approved process.