Head Of Cyber GRC

Ready to help define the next chapter of a fast-growing national cybersecurity firm? This is an opportunity to apply your cyber governance, risk and compliance expertise and make a tangible impact in one of Australia’s fastest-growing industries.

Who Are We

Triskele Labs is a specialist cybersecurity firm helping Australian organisations protect their business through managed detection and response, advisory, offensive security and incident response. As we enter our next stage of growth, we are investing in senior GRC leadership to scale our cyber advisory capability, strengthen regulatory alignment, and deliver pragmatic, business-focused risk outcomes for our clients.

Why this role?

Triskele Labs is entering a period of growth and transformation and is seeking an experienced Head of Cyber GRC to lead and scale our governance, risk, and compliance practice.As a senior leader, this role will be instrumental in shaping how Triskele Labs delivers high-quality, pragmatic GRC services, strengthening our position as a trusted cybersecurity partner for organisations navigating complex regulatory and risk environments.

This is a true 50/50 role, balancing practice leadership with hands-on client delivery. You will lead, mentor, and develop a high-performing GRC consulting team while remaining actively involved in complex engagements and senior stakeholder advisory.

You will establish delivery standards, methodologies, and quality frameworks that enable consistent, scalable, and commercially effective GRC services. Working closely with Sales, technical delivery, and Customer Success, you will contribute to business development, support practice growth, and help evolve Triskele Labs’ GRC offerings.This role suits a proven GRC leader who thrives in growth environments, builds strong teams, and delivers practical, high-impact outcomes for clients.

What You Will Do

• Executive leadership and practice ownership: Reporting directly to the CEO, you will operate as a senior leader within the business, responsible for the strategic direction, performance, and growth of the Cyber GRC practice.
• Practice leadership and team development: Lead, mentor, and develop the Cyber GRC consulting team, fostering a culture of excellence, accountability, and continuous improvement. You will drive recruitment, capability uplift, and clear career progression pathways for consultants.
• Delivery excellence and quality assurance: Establish and maintain GRC delivery standards, methodologies, and quality assurance frameworks to ensure consistent, high-quality outcomes across all engagements.
• Complex engagement leadership: Lead and oversee complex Cyber GRC engagements, including cyber risk assessments, compliance programs, security framework implementations, and regulatory alignment initiatives.
• Cyber maturity and risk advisory: Conduct cyber maturity assessments and develop pragmatic, risk-based remediation roadmaps that balance security, compliance, and business enablement.
• Trusted advisor to senior stakeholders: Act as a strategic advisor to client executives, CISOs, and risk leaders, translating cyber risk and compliance requirements into clear, actionable business insights.
• Practice growth and business development: Contribute to practice growth through solution shaping, proposal development, and support for priority opportunities, working closely with sales and executive stakeholders.
• Cross-functional collaboration: Partner with sales, technical delivery, and customer success teams to ensure effective scoping, smooth handovers, and successful client outcomes.
• Hands-on leadership: Maintain hands-on involvement in delivery to ensure technical depth, credibility, and quality remain high as the practice scales.

Who You Are

• Lead-from-the-front Cyber GRC leader: A hands-on, visible leader who is comfortable rolling up their sleeves alongside the team, setting the standard for delivery quality, professionalism, and client impact.
• Inspirational people leader: High energy and presence, with the ability to inspire, motivate, and influence consultants while fostering a collaborative, inclusive, and high-performance culture.
• Ownership and accountability mindset: Strong sense of ownership for outcomes, quality, and team performance, with a bias toward action, accountability, and continuous improvement.
• Pragmatic and outcome-focused: Able to balance technical rigour, risk management, and compliance requirements with real-world business constraints to deliver practical, value-driven outcomes.
• Deep Cyber GRC expertise: Extensive experience in Cyber GRC consulting, supported by deep technical cybersecurity knowledge and the ability to assess underlying technologies — not just policies and documentation.
• Framework and standards authority: Strong expertise across leading security frameworks and standards, including ISO 27001, NIST, and the Essential Eight, with experience tailoring them to client context and maturity.
• Consulting and practice leadership: Demonstrated capability leading and developing consulting teams in a professional services environment, including recruitment, capability uplift, and career progression.
• Executive-level advisor: Excellent stakeholder management skills, with the credibility and communication ability to translate complex cyber risk concepts into clear, business-focused insights for executives and CISOs.
• Commercially astute: Strong business acumen with an understanding of consulting economics, commercial drivers, and client value, enabling sustainable practice growth without compromising quality.
• Growth and contribution mindset: Experience contributing to business development, proposal development, solution shaping, and broader practice growth initiatives.
• Resilient in growth environments: Adaptable and resilient, thriving in fast-paced, high-growth or transformational environments where priorities evolve and leadership visibility matters.
• Credentials and exposure (desirable): Relevant certifications such as CISSP, CISM, CRISC, or similar, and experience operating in rapidly scaling cybersecurity or advisory businesses.

Team culture is everything to Triskele Labs and it is the reason we exist.

We provide our team a great range of additional benefits such as:

• Access to a professional external Employee Assistance Program (EAP) for all team members
• Social functions organised by our People & Culture Team

We are a forward-thinking company and always looking for ways to boost our team culture to ensure we are a destination employer. We continually undertake surveys to seek feedback from our team on ways we can improve our work environment and team member experience at Triskele Labs.

At Triskele Labs, we value attention to detail.

If you've made it this far, you are the type of person we look for! Please include a cover letter addressed to Nick M., CEO, as part of your application. Applications without a cover letter will not be considered.