About Us

RSM Australia supports a people-centric and collaborative culture where we are committed to empowering and developing you. As a leading professional services firm, we connect you to an extensive network of global resources and invest in your future. We value the meaningful work that you do and encourage you to be a part of the change.

The Role

Security & Privacy Managers have responsibility for extensive client contact, staff training, management & development; and liaising with third parties. They are expected to manage the whole project lifecycle for IT general controls audit, cyber security and information security services.

Key Responsibilities

• Provide client management with guidance on IT / Cyber security risk management, particularly on application, database, operating system and network infrastructure security. Help identify improvement opportunities for clients and write/QA reports for clients with recommendations for identified findings.
• Perform IT / Cyber / technology risk assessments, manage technical security related reviews, assess the effectiveness of processes/controls and risks related to third party organisations.
• Manage completion of each assignment, being accountable for high-quality standards, delivery within budget and on or before deadlines, while managing the progress of other assignments.
• Management of various engagements and co-ordination of the S&P team including training, mentoring and relevant methodology compliance.
• Writes high quality client deliverables in conjunction with the partner; including reports; management letters and other correspondence; that provide practical and commercial business advice
• Performs Quality Assurance and technical reviews of S&P work
• Identifies potential technical issues and documenting issue and proposed solution for partner attention Coordination and relationship management with other divisions
• Understands all relevant independence rules and their applicability to the S&P team and the Firm

About You:

• Relevant tertiary degree and/or qualification is essential.
• Relevant professional certification/qualification is essential, e.g., Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®); Certified in Risk and Information Systems Controls® (CRISC®); etc.
• Minimum 4 years Professional Services experience in Cyber / IT technical delivery, IT audit, internal controls, or risk management.
• Experience performing and managing security risk assessments, testing or auditing of cybersecurity or information security standards or governance frameworks (e.g. one or more of COBIT, NIST Cyber Security Framework, ASD Top 35 and Essential Eight, PCI DSS, CIS Critical Security Controls Top 20, PSPF, Australian Government Information Security Manual, VPDSS, ISO/IEC 27001, Cloud Security Alliance Guidance, Australian Privacy Principles, GDPR).
• Experience overseeing engagements where teams are completing various technical testing assessments and be able to translate technical findings and articulate recommendations for non-technical client staff.
• Knowledge of IT processes, project management, applications, databases, operating systems and network infrastructure to apply better practice guidance and identify opportunities for improvement.

Life at RSM:

RSM provides a great environment to build skills and confidence and we help our people achieve their best. We are trusted advisors to our clients, so it is critical for us to find the right people for the job on offer. Our network of offices across Australia and around the world allow us to offer a personal service to all our clients regardless of where they are!

Working for RSM entitles everyone to a wide range of leading health, wellness financial and lifestyle benefits.

How to apply: 

Whilst RSM considers overseas and visa applicants, we will be looking for candidates with full working rights for this role. 

Please click on the “apply” button and complete our online application form.

Agencies, thank you for thinking of us, but our recruitment is managed internally, and we will reach out to our preferred suppliers if we need assistance.