Principal Security Advisor

  • Category: Security Services
  • Team: Consulting & Professional Services
  • Location: Sydney, New South Wales


Position at Trustwave

As a recognized global cyber defender that stops cyber threats all day, every day, we enable our clients to conduct their business, securely.

Trustwave detects threats that others can’t see, enabling us to respond quickly and protect our clients from the devastating impact of cyberattacks. We leverage our world-class team of security consultants, threat hunters and researchers, and our market-leading security operations platform, to relentlessly identify and isolate threats with the right telemetry at the right time for the right response.

Trustwave is a leader in managed detection and response (MDR), managed security services (MSS), consulting and professional services, database security, and email security. Our elite Trustwave SpiderLabs team provides award-winning threat research and intelligence, which is infused into Trustwave services and products to fortify cyber resilience in the age of advanced threats.

  • $5k and 5 days' training / continued education allowance per year
  • Be a part of a collaborative and supportive team (you won’t feel alone!)
  • Career growth: receive mentoring, coaching, and support to progress your career
  • Flexible work arrangements

Principal Security Advisor

Everyone's voice matters here. We aren’t looking for passengers; we’re looking for those interested in an opportunity to develop their skills and experience in information security and make a real difference.

In short, to work here, you need to give a s*** - after all, it could be your data you're protecting.

In return for your commitment, we will develop you personally and professionally in the company of competent colleagues, and you will have a professional development budget at your disposal each year for just that. We also want to recognise and reward your ongoing efforts and have a range of ways of doing that, from an annual bonus, flexible work arrangements, to cake ceremonies (we love cake) or a special night out. But best of all, we’ll give you a hoodie and are happy for you to dress casually when working in the office.

Please note, due to client requirements, it is mandatory you hold a security clearance or be willing / eligible to obtain a BASELINE clearance (this includes being an Australian citizen).

A bit more about the role

This role will require you to be a salesperson, a trusted advisor, a people manager, a project manager and a mentor. Individuals will possess a rare mix of business development, team management and consulting delivery skills.

The role requires you to provide a broad range of advisory services, covering security strategy, governance, risk, architecture and compliance topics, as well as enough of a technical background to lead and project manage technical security assessment and review tasks (e.g. penetration testing and system configuration reviews). Naturally we expect most people will be stronger in certain disciplines. Below are some of your key responsibilities:

Consulting Delivery:

  • Delivery of consulting tasks at a strategic level – defining and solving complex problems
  • Ability to understand business drivers and align advice and deliverables to suit

Engagement Management:

  • Management for a select set of Trustwave customers throughout the project lifecycle
  • Liaise with business and project stakeholders across selected projects as required to provide input and feedback during project delivery
  • Oversight and management of projects allocated to you and some of the team’s delivery
  • Required visibility of the customer’s requirements, deliverables and the ability to ensure the team deliver the output to the high Trustwave standard

Business Development:

  • Building relationships with existing customers and developing relationships with potential clients
  • Bring a network of contacts in the industry
  • The ability to progress opportunities from lead to close
  • Build awareness of the Trustwave brand through industry networks and presentations

Other key responsibilities are Team Management and Mentoring, Project and Financial Management, and Quality Assurance.


  • Behavioral Competencies:
    • Highly developed leadership and influencing skills
    • Self-awareness and exceptional ‘EQ’ and soft skills
    • Demonstrated highly developed oral and written communication skills, with the ability to communicate comfortably with large groups and executives, and to articulate technical concepts and solutions to non-technical stakeholders
    • Ability to collaborate, maintain working relationships with, and gain the trust of stakeholders throughout customer organisations
    • Developed ability to identify and develop the above skills in others
  • Competencies:
    • High level ability to take the initiative, make informed and measured decisions and deliver outcomes from those decisions
    • The ability to analyse and simplify complex problems, evaluate them systematically, identify causal relationships and construct frameworks for problem solving
    • The ability to think ahead and establish an appropriate course of action, taking into account the constraints imposed for your own as well as others’ projects
  • Your Skills/Experience:
    • 5+ years of experience in information security or technical governance, operations or assurance type roles
    • 2+ years managerial experience in an information security leadership role
    • 2+ years of experience in selling information security services or solutions
    • Thorough understanding of risk management and how it relates to cyber security
    • Experience in an internal-advisory/external-consulting role utilising Federal Government PSPF & ISM Frameworks
    • An analytical mindset (particularly when it comes to technology and business risk)
    • Experience developing security risk assessments (SRA), System Security Plans (SSP), System Security Plan Annexes and other supporting documentation
    • Experience with these standards is a plus: NIST-CSF, ISO 27001, PCI DSS, ISM, PSPF
    • The ability to keep up to date with multiple security technologies
    • Azure or AWS certifications would be beneficial

Generally though, certifications/qualifications are nice to have. What we care about is what you know, and who you are. How you came to know it – whether via formal education, industry training and certification, self-study, or the school of hard knocks – will be a good discussion point, but we don't necessarily favor one over the other.

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.

Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. Offering a comprehensive portfolio of managed security services, consulting and professional services, and data protection technology, Trustwave helps businesses embrace digital transformation securely. Trustwave is a Singtel company and the global security arm of Singtel, Optus and NCS, with customers in 96 countries.

To All Agencies: Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate who is submitted outside of this policy is hired, no fee or payment of any kind will be paid.