Are you ready to lead and deliver tangible improvements in a leading GRC team? This is a pivotal role for a results-driven professional to elevate an organisation’s cyber security maturity. The focus is on execution, delivering outcomes, and driving substantial progress across cyber security risk initiatives.

Company:
We are partnering with a globally recognised and well-respected Australian enterprise that is a fantastic place to work. The organisation is committed to driving positive societal impact through its leading advancements and cutting-edge research. You'll get the opportunity to work in a leading GRC team and make your mark in your career.

The Role:
As the Cyber Security Risk Manager, you’ll play a critical role in identifying, assessing, and mitigating risks, while leading initiatives that enhance resilience and cyber security risk management practices. We need a results-driven, hands-on leader who can translate strategy into action, ensuring risks are managed effectively and progress is measurable. The organisation’s current cyber security maturity stands at 2.8, with an ambitious goal to reach level 4 across the enterprise. Your expertise in understanding what a mature cyber risk function looks like and your ability to thrive in a challenging, growth-focused environment will be key to your success.

Key Responsibilities:
- Shape, execute, and continuously refine cyber security risk management aligned with the enterprise risk framework.
- Oversee the cyber security risk register, ensuring risks are identified, assessed, and remediated effectively.
- Develop practical mitigation strategies, track effectiveness with measurable KPIs, and ensure alignment with business objectives.
- Deliver and manage vendor security risk programs, including assessments, contractual requirements, and continuous monitoring.
- Drive comprehensive maturity assessments and establish improvements based on findings.
- Prepare and present actionable risk updates to senior leadership and governance forums, ensuring visibility of progress and challenges.
- Optimise metrics dashboards to monitor and improve risk management performance continuously.

Experience required:
- 6+ years in cyber security risk, with strong hands-on experience in implementing and running risk programs.
- Technical knowledge and familiarity with GRC security tools.
- Strong understanding of frameworks like ISO 27001, NIST, and risk management methodologies.
- Strong stakeholder management and presenting skills to senior leadership.
- Ability to drive initiatives to completion in a dynamic environment.
- Certifications such as CISM, CISSP, CRISC, or related.

Benefits:
- Be part of an organisation that values accountability, collaboration, and innovation while working on a high-profile initiative critical to the organisation's success.
- Location: Sydney / Flexible WFH (2 days in office)
- High-performing, well-respected cyber team with a strong culture.
- Career development and growth opportunities.
- Permanent Position: $180,000 - $215,000 package + bonus

This role is not just about managing risks — it’s about delivering a measurable leap in cyber security maturity. If you thrive in environments that require both strategic vision and hands-on execution, this is an opportunity to make a lasting impact.

How to apply:
Click apply or submit your CV to Jasmine McCrudden - jasmine@decipherbureau.com