Posted 16 July, 2026
Cyber Security Consultant GRC
CyberCX
Wellington, WGN, NZ
Full Time
Reference: 54396120e7f8b644
Job Description
We are looking for a Security Consultant to join our growing Strategy and Risk team. As an experienced consultant you will combine technical understanding and governance expertise with excellent stakeholder engagement. At CyberCX you will work with clients across both the public and private sectors, delivering trusted advice, leading cyber security initiatives, and supporting organisations build and maintain effective security capabilities. The preferred candidate will have proven experience in two or more of the following areas: Leading NIST Cybersecurity Framework (CSF) maturity assessments to evaluate and enhance clients’ cyber security capabilities. Managing and delivering NZISM Certification & Accreditation (C&A) activities for New Zealand public sector organisations. Designing, facilitating, and leading cyber security tabletop exercises to assess incident preparedness and strengthen organisational resilience. Providing trusted security advisory and virtual Chief Information Security Officer (vCISO) services, supporting executive-level decision-making and governance. Developing and implementing cyber security strategies, target operating models, and transformation roadmaps aligned to business objectives and risk appetite. Creating, reviewing, and uplifting cyber security policy frameworks, standards, and procedures, including Incident Response Plans and supporting governance documentation. Advising clients on cyber security risk management, regulatory compliance, and best-practice security controls to improve overall security posture. Lead discovery and consultation activities with client stakeholders to shape recommendations and outcomes Prepare high-quality proposals, reports and presentations for senior client stakeholders Manage client expectations with professionalism, clarity and confidence. This role requires strong stakeholder engagement and written skills, the ability to lead client engagements independently, and a passion for helping organisations build resilient and effective cyber security capabilities. About you You are a strong communicator and trusted advisor who can translate technical cyber risks into clear business insights and practical strategy. You will bring: 3+ years’ experience in corporate or government IT security Proven ability to translate technical risk into business risk, strategy and action Strong report writing skills Experience across multiple cyber security domains, such as: Risk assessment and risk management Cyber security frameworks including NIST CSF, ISM and ISO/IEC 27001 Security research or related disciplines Why join CyberCX? We recognise the value our people bring and offer a rewarding package that supports your wellbeing, growth and career ambitions. Some of the benefits include: Flexible hybrid working with a mix of office and work-from-home arrangements Competitive remuneration that reflects your experience The option to purchase extra leave A comprehensive health and wellbeing program, including Employee Assistance support. Discounts on health insurance, gym memberships and everyday expenses Personalised development planning, training opportunities and membership support for industry organisations A meaningful reward and recognition program that celebrates your contribution. Join CyberCX and help build a more secure future. Be yourself We embrace diverse perspectives, experiences, and backgrounds. Please let us know if you require support or adjustments to assist with your recruitment experience. We take security seriously. We require all employees to complete background checks (including police and global sanction list checks) annually. #J-18808-Ljbffr