Our Value Proposition

At RSM, our purpose is to instill confidence in a world of change for both our clients and our people.

RSM Australia supports a people-centric and collaborative culture where we are committed to empowering and developing you. As a leading professional services firm, we connect you to an extensive network of global resources and invest in your future. We value the meaningful work that you do and encourage you to be a part of the change.

Our value proposition is our commitment to you; it highlights the experiences, benefits, and value that you can expect as part of RSM. This is underpinned by our three values – integrity in everything that we do, supporting clients everywhere, and developing and valuing everyone.

Successful candidates will be responsible for effectively delivering engagements and projects while managing client relationships and staff.  Security & Privacy (S&P) consultants are expected to have responsibility for extensive client contact, staff training, management & development; and liaising with third parties You will be skilled and experienced at managing the whole project lifecycle for IT general controls audit, cyber security and information security services.  As consultant you will also aspire to developing strategic, business development and leadership skills.

The RSM Security & Privacy Services provide specialist skills in the disciplines of IT governance, IT risk consulting, Cyber, information security and IT audit. We service organisations in the government and private sectors and operate across all technology platforms and software environments. This is a flexible and hybrid role balancing work in the office, client site and working from home (WFH).

• Perform IT / Cyber / technology risk assessments, technical security related reviews, assess the effectiveness of processes/controls and risks related to third party organisations.
• Executing and completing individual IT and cyber security audits and special project reviews relating to various applications, IT infrastructure and other relevant IT domains.
• Conducting independent risk-based IT and cyber security audits to assess the adequacy and effectiveness of internal controls, the reliability and integrity of the client’s business and IT systems.
• Conducting various audit engagements simultaneously with numerous engagement team members per audit, including assisting with planning, execution and scheduling staff.
• Undertaking or arranging to undertake special consulting or other reviews as required. These may include system software reviews, new system development technical evaluations, post implementation reviews, contingency planning reviews, logical / physical access reviews and installation reviews.
• Assist in the planning of client deliverables (i.e. strategic internal audit plan, scope documents).
• Responsible for the execution of fieldwork and documentation of findings (i.e. maintain the audit file).
• Determining the objectives, scope and extent of each audit and ensure that the audit is professionally and efficiently completed within deadlines.
• Assist in business development activities of the firm.
• Coordination with other divisions.
• Address technical issues and assist in preparing technical position papers.
• Undertaking development of team members.
• Assisting with management and co-ordination of the audit team including training, mentoring and methodology compliance.
• Identifying opportunities for improvement to operational efficiencies and effectiveness.
• Maintaining appropriate and adequate documentation for each audit to a standard as required by auditing standards.
• Identification of findings and issues, and assisting in the drafting of client reports and discuss with relevant management as required.
• Liaising, and presenting audit results to information system staff and client management.
• Remaining abreast with technological enhancements in auditing and IT.

  Essential

• Successful Criminal Record Screening Clearance.
• Relevant tertiary degree and/or qualification is essential.

  Essential

• Minimum 2 years of Professional Services experience in Cyber / IT technical delivery, IT audit, internal controls, or risk management.
• Experience performing security risk assessments, testing or auditing of cybersecurity or information security standards or governance frameworks (e.g. one or more of COBIT, NIST Cyber Security Framework, ASD Top 35 and Essential Eight, PCI DSS, CIS Critical Security Controls Top 20, PSPF, Australian Government Information Security Manual, VPDSS, ISO/IEC 27001, Cloud Security Alliance Guidance, Australian Privacy Principles, GDPR).
• Experience in performing engagements where teams are completing various technical testing assessments and be able to translate technical findings and articulate recommendations for non-technical client staff.
• Demonstrated knowledge of control best practices in IT general controls and applications.
• Demonstrated Knowledge of IT processes, project management, applications, databases, operating systems and network infrastructure to apply better practice guidance and identify opportunities for improvement.
• Outstanding interpersonal and communications skills, able to communicate effectively in verbal and written format with technical and non-technical audiences.
• Strong analytical and written communication skills.
• Ability to develop effective solutions and enhancements in an innovative manner.
• Strong attention to detail and prioritising skills, able to produce high quality work autonomously and as part of a team.
• Ability to add value by providing a high standard of service in response to client demands.

Desirable:

• Experience with CPS 234 and SOC 2, or 
• Experience auditing cloud configurations, ideally in either Azure or AWS

Life at RSM:

RSM provides a great environment to build skills and confidence and we help our people achieve their best. We are trusted advisors to our clients, so it is critical for us to find the right people for the job on offer. Our network of offices across Australia and around the world allow us to offer a personal service to all our clients regardless of where they are!

Working for RSM entitles everyone to a wide range of leading health, wellness financial and lifestyle benefits.

How to apply: 

Please click on the “apply” button and complete our online application form.

Agencies, thank you for thinking of us, but our recruitment is managed internally, and we will reach out to our preferred suppliers if we need assistance.