.buttontext5a884faa1b245f6d a{ border: 1px solid transparent; } .buttontext5a884faa1b245f6d a: focus{ border: 1px dashed #D8D8D8 !important; outline: none !important; }
Job Requisition Id: 1080
Cyber, Risk and Compliance (GRC) Senior Consultant
Date: 14 Jul 2026
Location:
Perth, WA, AU, 6000
#job-location.job-location-inline { display: inline; }
Job Description:
Drive cyber security improvements and enhancing organisational resilience through practical, risk-based security outcomes
Enjoy career development, competitive remuneration and access to opportunities across the Wesfarmers Group
Permanent, full-time role based at our Perth CBD Office
WesCEF
Wesfarmers Chemicals, Energy & Fertilisers (WesCEF) is a division of Wesfarmers Limited and has been operating in Western Australia for more than 110 years. Our eight businesses manufacture and supply essential products to over 225,000 customers in 26 countries, supporting key sectors including agriculture, mining, energy, construction and households. Safety, sustainability and community are central to how we operate. We are committed to continuous safety improvement and are working toward net zero Scope 1 and 2 emissions by 2050.
With more than 1,300 employees across WA, Queensland and Victoria, we foster a respectful, inclusive workplace where diverse thinking is valued. Guided by our Diversity, Equity, Inclusion and Belonging Strategy and Aboriginal Inclusion Plan, we support gender balance, cultural respect, Indigenous employment and flexible work. We invest in our people through training, career development and recognition programs. With our headquarters in Perth, WesCEF plays a key role in supporting Australia’s economic growth and advancing a more sustainable future.
WESCEF: We create long-term value for critical industries and everyday life.
About the Role
As a Cyber Governance, Risk and Compliance (GRC) Specialist, you will play a key role in strengthening WesCEF’s cyber resilience by assessing the effectiveness of security controls across IT, Operational Technology (OT), cloud, and third-party environments. Leveraging your cyber security and risk management expertise, you will identify control gaps, evaluate business impacts, and provide practical, risk-based recommendations that reduce risk and support business continuity.
Key Responsibilities
Assess the effectiveness of cyber security controls across IT and OT environments.
Identify cyber risks, control gaps, and remediation actions through reviews of technology, projects, and third-party services.
Translate technical security issues into clear business risks and actionable recommendations.
Provide independent challenge and advice on control effectiveness, risk treatment, and remediation priorities.
Partner with technology and business teams to embed security-by-design and improve cyber risk outcomes.
Conduct third-party cyber risk assessments and support risk-based remediation activities.
Maintain cyber risk registers, treatment plans, and reporting to support informed decision-making.
Support assurance, audit, and compliance activities by validating the implementation and effectiveness of security controls.
About You
You are a technically capable cyber security professional who understands how security controls are implemented, operated, monitored, and tested in real-world environments. You will bring:
Tertiary questions in IT, Computer Science and/or similar with demonstrated experience in a similar role.
Industry certification such as CISSP, CISM, CRISC, SABSA, Azure / AWS security certifications, GIAC, ISO 27001 Lead Implementer / Auditor, or equivalent.
Knowledge of cyber security frameworks and principles, including NIST CSF, ISO 27001, IEC 62443, and Zero Trust, is desirable.
Knowledgeable and experienced reviewing cyber security controls across IT, OT, cloud, identity, network, endpoint, vulnerability management, and monitoring environments.
The ability to apply a risk-based mindset, linking technical vulnerabilities and control gaps to business impact.
Experience assessing third-party, supplier or service provider cyber risk is highly regarded.
Excellent stakeholder engagement and communication skills.
Confident to challenge assumptions and drive better security outcomes.
Resilient and adaptable approach to influence a complex environment.
What we offer
At Wesfarmers Chemicals, Energy & Fertilisers (WesCEF), we value our people and offer a range of benefits designed to support your wellbeing, development and career growth, including:
Competitive remuneration, including access to the Wesfarmers employee share plan and participation in our annual incentive plan
Flexible working arrangements, including some work-from-home options where applicable
Salary sacrifice opportunities, including novated leasing
Access to a wide range of employee benefits across the Wesfarmers Group, including staff discounts at Bunnings, Kmart, Target, Officeworks and Kleenheat, as well as access to Wesfarmers-sponsored arts and cultural events
Paid parental leave of up to 18 weeks
Ongoing professional development and career opportunities across WesCEF and the broader Wesfarmers Group
Why WesCEF
At WesCEF, we are committed to building an engaged, high-performing and inclusive workforce that reflects the communities in which we operate. We value diversity of thinking, skills and experience, knowing this drives innovation and better business outcomes.
We welcome applications from people of all backgrounds and encourage Aboriginal and Torres Strait Islander peoples to apply.
We are proud to support flexible working arrangements and understand that flexibility looks different for everyone. If flexibility is important to you, we encourage you to discuss your needs as part of the application process.
WesCEF operates across multiple locations, with our two major hubs based in Kwinana and the Perth CBD.
Why Join Us?
This is an opportunity to make a genuine impact on the organisation's cyber security maturity by combining technical expertise with strategic risk thinking. If you're passionate about cyber security works in practice and want to focus on meaningful cyber risk outcomes, we'd love to hear from you.
Applications closes: AWST 5pm, 30th July 2026.
This position is applicable to applicants with the valid Australian Work Rights.
Our recruitment process considers your alignment to our company values and the requirements of the role. We also have several checks which may be conducted to demonstrate your suitability for the role including but not limited to psychometric assessment, police checks, medical, drug and alcohol testing, right to work check, qualifications, due diligence and/or reference checks.
We reserve the right to commence the recruitment process prior to the closing date. Therefore, it is recommended to apply as soon as possible.
Agency applications will not be accepted.