For more than 20 years, KordaMentha has supported businesses through some of their most complex matters and opportunities. Founder owned and led; we are an advisory firm that helps corporations, financiers, lawyers, private investors and government clients to grow, protect and recover value.

That’s what we do, but it’s how we do this that makes us who we are.

Proudly independent, strategically local, and with a bias for action to get things done, we focus on doing what is right by our clients, our people, and the wider community. Our track record shows that we help navigate the best path forward in challenging times, and do so across cities, regions and territories.

In the most stressful or demanding environments, we continue to drive change where it really counts.

As an Associate in our Cyber practice, you’ll play a hands on role delivering high quality cyber governance, risk, compliance and assurance services to public and private sector clients, including government, critical infrastructure and regulated industries. This role is ideal for professionals who want real responsibility, meaningful client exposure, and accelerated development in a collaborative, high performance environment.

At Associate level, the focus is on building strong consulting foundations and delivery discipline across cyber GRC engagements, working closely with senior leaders and project teams to deliver clear, defensible outcomes.

What you’ll be doing (Key Responsibilities):

• Understand client objectives, operating environments and challenges to deliver actionable insights and identify opportunities to strengthen cyber resilience and risk posture.
• Support delivery across the cyber lifecycle through our four cyber service pillars: Advise, Enable, Review and Respond.
• Deliver and support cyber risk, review and assurance engagements (e.g., maturity assessments, risk assessments and independent reviews) aligned to frameworks such as PSPF, ISM, ISO 27001/27002, Essential Eight, NIST CSF (and others as relevant).
• Analyse client artefacts, data and documentation (policies, architectures, risk registers, control evidence), translating findings into high-quality, client-ready deliverables.
• Prepare executive-ready and detailed reports, presentations, dashboards and visualisations to clearly communicate engagement outcomes.
• Contribute to project teamwork by supporting quality, timelines and structured delivery; participate in mentoring/coaching as appropriate within project teams.
• Contribute to business development activity (e.g., proposal support, client artefacts, cost/effort models) aligned to your level and experience.

• 2–4 years’ experience in cyber security, privacy, technology risk and/or a similar consulting role, including exposure to cyber risk and strategy or cyber posture uplift work aligned to recognised frameworks.
• Understanding of recognised cyber security frameworks/standards (e.g., ISO 27001/27002, ISM/PSPF, Essential Eight, NIST CSF), and experience supporting governance, risk, assurance and/or uplift initiatives.
• Strong analytical thinking and problem-solving ability, with the ability to translate findings into practical, defensible recommendations.
• Strong written and verbal communication skills, including producing high-quality reports and stakeholder-ready outputs.
• Ability to manage competing priorities, meet deadlines and deliver high-quality outcomes under pressure.
• Certifications such as CISSP, CISM, ISO/IEC 27001 Lead Auditor (or equivalent).
• Exposure to OT environments / ICS/SCADA, particularly in critical infrastructure or government-regulated sectors.
• Interest in continuous learning and proactive participation in training/certification pathways aligned to cyber security.

Eligibility & Working Conditions:

Ability to obtain a security clearance is preferred (and Australian citizenship/clearance requirements may apply depending on client work).

Occasional interstate travel may be required, with potential for client-site attendance relevant to engagements.

Build your future- shape ours
We don’t just hire talent; we invest in it - with support that accelerates your success in every way

Why Join Us?

• Professional Development: Expert mentorship, tailored training via KordaMentha Business School, study support, and our Accelerate program for Analysts to Associate Directors — build your brand, expand your network, and gain strategic insights from senior leaders
• Flexibility: We champion work/life integration with options that fit your lifestyle.
• Career Growth: Merit-based promotions, secondments, and opportunities to work alongside senior leaders on impactful projects.
• Leave That Works for You: Buy extra leave and access volunteer, generous parental leave and career break options.
• Culture & Connection: Social events, cultural celebrations, and our bi-ennial black-tie ball.
• Family Support: Flexible parental leave, return-to-work support through our partner GracePapers, and resources for every stage of family life.
• Health & Wellbeing: Inclusive wellness initiatives and confidential and industry leading EAP for you and your family.

This isn’t just a job — it’s a place where your ambitions are nurtured, your wellbeing is valued, and your contributions celebrated. Ready to shape your future with us?

At KordaMentha, we believe there is strength in difference. Our entrepreneurial spirit expands the possibilities for action. We approach situations, challenges, and opportunities with optimism, curiosity, and diversity of thought. We seek novel solutions to problems and encourage unconventional and innovative approaches. 

Our team's diverse skillsets, backgrounds and experiences fuel KordaMentha's different mindset. We encourage candidates from all backgrounds to apply, recognising that talent and potential extend beyond traditional qualifications. Our selection process values diverse perspectives and considers each applicant's unique strengths and capabilities.