GRC Consultants

About us

MF & Associates, a Fujitsu Company is an Australian owned consulting firm that specialises in cyber security and management consulting, which have recently been acquired by Fujitsu. The organization prides itself on being a safe, inclusive and kind workplace that does good work that matters.

Our team has extensive experience in the public and private security sectors and are passionate about supporting people at all stages of their careers whether that be a person just starting out or someone looking for a mid-career change. The team includes several former executives, as well as the former AISA Cyber Security Professional of the Year and winner of the Women in ICT Defying Gravity Award.

We believe in our people, and we believe in the work our clients do.

Role Purpose 

Governance, Risk, and Compliance (GRC) Junior to Mid-level professionals will work in a highly skilled team under the guidance of industry experts to provide real-time security advice and guidance to uplift our clients' cyber posture.

• MUST have a minimum Baseline clearance.

You will help our clients: 

• Develop cyber security policy in alignment with frameworks and standards e.g. ISM, PSPF, Essential 8, NIST, ISO27001 / 27002, etc.  
• Undertake compliance assessments in alignment with policy and industry standards, 
• To quantify, understand, and manage security risks, 
• Uplift the cyber security stance and protect their systems, 
• Develop meaningful risk reporting. 

Key Accountabilities:

• With moderate oversight: 
• Develop security policy, 
• Undertake compliance assessments,  
• Undertake risk assessments, 
• Guide the selection of risk treatments, 
• Develop security reporting. 
• Manage your workload to ensure client and company timelines are met, 
• Consistently use the quality assurance process to deliver client results. 
• Other duties as required. 

Desired Experience / Knowledge:

• You will need strong written and verbal communication skills, a drive to learn and develop professionally, a keen attention to detail, and a passion for cybersecurity solutions.  
• We are open to candidates who are graduates or in the first few years of their professional careers in various professions. 

The following experience will be highly regarded: 

• Cyber security or ICT qualifications i.e. Diploma, Degree or industry certifications, 
• Familiarity with cyber security concepts i.e. risk management, compliance standards, etc. 
• A strong work ethic, and ability to self-manage time to deliver outcomes as part of a dynamic team. 
• A professional and polite demeanor, and a commitment to diversity, equity, and inclusion. 

Mandatory Qualifications:

• We work with a range of government and non-government clients. To work with our Australian Federal Government clients, you must be an Australian citizen and hold an AGSVA security clearance (minimum baseline).