Director - Cyber Security Consulting

About BDO

At BDO Australia, our why is ‘empowering people, realising possibilities’. One way we bring this to life is by hiring and developing exceptional talent, to deliver on our wide array of audit, tax and advisory services.

About the Role

The Cyber team is experiencing significant growth in our markets across Australia. We are seeking to appoint an experienced Director to grow our Security Enablement capability with a strong cyber security architecture background to join our Melbourne cyber security team.  This is client facing consulting role with the responsibility in taking a lead role supporting our clients with designing and developing their security blueprints and security solutions.   

About the team

This role will be part of the Cyber Security team within the Advisory Service Line within BDO Australia.  The Cyber Security team provides the following core cyber services: 

• Cyber Security Enablement, e.g. security architecture, data protection and the implementation of Microsoft cyber security products including Defender, Sentinel, Compliance Manager and Purview, etc. 

• GRC (Governance Risk and Compliance), e.g. Cyber resilience assessment, Cyber strategy and roadmap development, Cyber framework implementations (i.e. ISO 27001, NIST, industry specific), cyber awareness training, etc.  

• Offensive and technical security services, e.g. penetration testing, social engineering / red teaming, configuration reviews, security validation, SOC validation services, security architecture, etc. 

• Cyber defence and resilience services, e.g. Incident response services, cyber security crisis and resilience services, cyber exercises, security operations (design, implementation and validation), cyber threat intelligence services, etc. 

About the role

This is a leadership role within the cyber security enablement team focussing on: 

• Provider strategic leadership, including setting the vision and direction for the Security Enablement Team, aligning security initiatives with business objectives, and driving innovation in security practices. 

• Provide expertise, leadership, guidance and support to technical and business project teams in the development, communication and full lifecycle management of enterprise aligned cyber security architectures 

• Support with the development of our clients Information Security management System (ISMS) 

• Providing training, guidance, governance and information tools to support effective security architecture such as policies, processes, application references models, guidelines and artefacts 

• Promoting a proactive focus on security architecture through early intervention in technology project lifecycles, ensuring projects maintain an enterprise-wide view 

• Support our clients with identifying and managing complex security risks including those presented via incidents, investigations and remediation actions 

• Lead the technical delivery of Microsoft 365 (M365) security services, covering: 

• Microsoft 365 Security and compliance deployments 

• Azure cloud security deployments 

• Microsoft Sentinel deployments 

• Perform security risk assessments against client’s Microsoft deployments and provide recommendations for uplift 

• Assist in the design and deployment of Microsoft technologies within client environments 

• Support Partners and managers with technical input and scoping for proposals and engagement letters  

• Maintain technical skills and knowledge of emerging security technologies 

• Be active within the cyber security industry and community to stay on-top of latest security industry trends and building out your network. 

• Building and maintaining relationships with key clients, partners, and internal stakeholders. This includes effective communication, negotiation, and influencing skills. 

• Developing and mentoring team members, fostering a culture of continuous learning and professional growth, and ensuring the team is equipped with the necessary skills and knowledge. 

• Meeting key performance indicators (KPIs) to measure the success of the Security Enablement Team, such as client satisfaction, project delivery timelines, and security incident response times. 

• Collaborating closely with the other cyber security teams to provide holistic cyber security services. 

• Using your network to identify client opportunities. 

About you

The successful candidate comes from a lengthy technical consulting background with a detailed understanding of the major security standards and frameworks and their implications at the architectural level. As this role will be part of the Consulting leadership team, you will also be required to have prior people management experience.

Combined with:

• Experience in shaping and driving the security design and deployment of major ICT transformation programs from a cyber security perspective, including (but not limited to):  

• network security architecture 

• desktop and server security architecture 

• identity management 

• multi-factor authentication 

• cloud security and resilience architecture 

• threat and vulnerability management 

• centralised logging and threat correlation

• Hands-on experience with designing, implementing / configuring and maintaining Microsoft 365 environments  

• Experience maintaining and monitoring operations-at-scale within cloud environments 

• A strong understanding of the Microsoft partnership model and approach 

• Cloud governance and risk management experience is highly regarded 

The following qualifications and experience will also be required:  

• Relevant tertiary qualifications (e.g. computer science or IT degree), industry certifications (e.g. CISM, CISSP, TOGAF, GIAC) and/or relevant industry experience 

• Experience in shaping and driving the security design and deployment of major transformation programs from a cyber security perspective, in one or more of the following areas: 

• Operational Technology Security architecture and segregation models 

• Microsoft Azure cloud security and resilience architecture 

• Cloud (SaaS) email and web proxy solutions 

• Identity and Access Management Solutions 

• Office 365 security solutions

• Azure security engineering experience is highly regarded  

Why BDO?
 

Working for BDO you will be part of a growing and market leading professional services firm.

Our national and global footprint provides our people with opportunities to work on interesting client engagements, across diverse industry sectors and services.

Our open and collaborative culture ensures access to Partners and professional mentors, to guide and accelerate your professional career, across a wide array of career pathways.

We provide our people with various health and wellbeing, social, financial, and professional development benefits to help realise what’s possible.

Participate in fitness challenges or take advantage of exclusive discounts to corporate health insurance, gym memberships and wellness facilities via our BWell program. Access benefits such as travel perks, retail discounts, free breakfast, employee referral rewards, study, and professional development support.

Our leave options cater to the unique needs of our people; and include enhanced family support, cultural and religious leave, and options to purchase additional leave. You can also give back and get involved in community initiatives via our BCaring program.

With a strong focus on learning and growth, we provide on the job training and formal development programs to help you succeed in your role and develop your skills and experience.

Our culture is underpinned by our core values (One, Bold, Human, Heart and Strive). We are proud to be recognised as an Inclusive Employer by the Diversity Council of Australia and an Employer of Choice by the Workplace Gender Equality Agency (WGEA).