Manager / Senior Manager - Cyber Risk

Job Title Manager / Senior Manager - Cyber Risk Location Brisbane Description Ashurst Risk Advisory was created to respond to client demand and is designed to provide risk expertise that complements Ashurst's core legal services. We provide the opportunity to work with an expertise-led team that has been consistently growing since its inception, and is dedicated to collaboration, diversity, transparency and innovation. Our vision is to create a unique culture in the consulting market based around a flat, collaborative structure that offers everyone the opportunity to work closely with Directors, Partners and clients on engagements. This means you have on the job training with your leaders, direct involvement with business development, clear recognition for your performance, and greater career opportunities. The Opportunity : Our Cyber Risk and Resilience team is redefining what leading cyber risk and resilience consulting looks like in Australia. Our consultants work hand in hand with our legal teams to solve cyber risk challenges, and we are driven by a purpose to make complex cyber security concepts accessible to leadership teams, adopting robust risk-based methodologies to align cyber with our clients' strategic imperatives and help build cyber resilience. As a result of rapid growth, we are looking to hire an experienced Specialist (equivalent to a Manager in Big 4 consulting) or Executive (equivalent to a Senior Manager in Big 4 consulting) in Brisbane. We would also welcome applications from lawyers with 3-5 years PQE including 2+ years of cybersecurity and / or cyber response experience. You will be an integral member of a specialist consulting team that delivers strategic cyber risk advice, and implementation support to organisations, their Boards and Executive leadership teams as they mature their cyber resilience, compliance, and cyber crisis response capabilities. Your ability to communicate complex threat, risk, and cyber security concepts and strategies in plain language, to senior stakeholders is critical and supported by your robust understanding of the cyber threat environment and risk methodologies. In addition, you will have experience applying these in business settings and be able to provide pragmatic advice on implementation and operationalisation in alignment with legislative and regulatory requirements and best practice. You will also need to be highly effective at working under pressure as we continue to develop a market leading approach to cyber risk and resilience. Please ensure you review the job description attached to the role on our careers site for more detail on the role and what we are looking for / / careers.ashurst.com / About you : You have 5-10 years of specialised cyber risk consulting experience, OR you are a lawyer with 3-5 years PQE including 2+ years' experience at a top‑tier law firm working on cyber matters such as incident response and breach management, cyber regulatory obligations (SOCI, CPS234), and cyber due diligence. You can demonstrate your knowledge of common cybersecurity frameworks used in cyber security such as ISO27001, NIST CSF, AESCSF, Essential Eight, ISO31000. You can demonstrate your familiarity with relevant Australian regulatory and legislative cybersecurity regimes. In‑depth experience advising clients on their SOCI obligations across a range of industries is highly desirable. Knowledge of Operational Technology (OT) cyber practices and standards is desirable. You are confident in autonomously finding solutions to a range of problems, especially those related to risk and controls management, in a commercial and client focused way. You are a self‑starter who is keen to work in a fast‑paced environment that is always evolving and requires you to be proactive, confident and humble; embracing alternate viewpoints. You have proven experience in business development including developing go‑to‑market material and proposals. We value diverse perspectives at Ashurst, so even if you don't feel you meet all of the requirements, we still encourage you to apply. For more information or if you require any support and adjustments to participate equitably in our recruitment process or in the workplace, we encourage you to contact : for a confidential conversation. If you are interested in this opportunity, please apply directly to Ashurst. We prefer to talk with you personally and are not accepting applications from recruitment agencies. #J-18808-Ljbffr