Expression of Interest_ Governance, Risk and Compliance

Overview

Expression of Interest_ Governance, Risk and Compliance (GRC) – Fujitsu, Sydney, New South Wales, Australia. Join or sign in to find your next job. This listing describes an Expression of Interest for the Governance, Risk and Compliance (GRC) role at Fujitsu.

About the job

We are looking for a Governance, Risk and Compliance (GRC) Senior Manager / Principal Consultant to join our team and partner with a highly skilled team to provide real-time security advice and guidance to uplift our clients' cyber posture.

You Will Help Our Clients

• Develop and embed cyber security policy in alignment with industry frameworks and standards (e.g., ISM, PSPF, Essential 8, NIST, ISO27001 / 27002).
• Undertake compliance assessments in alignment with policy and industry standards.
• Quantify, understand, and manage security risks.
• Uplift the cyber security stance and protect their systems.
• Develop meaningful risk reporting.
• Assist client with the security authorisation of their systems.

Location is flexible across the east coast of Australia.

Responsibilities

• Authoring security policy, process improvement, and security documentation artifacts.
• Undertaking compliance assessments against whole-of-government and industry standards.
• Creating threat models reflecting the organisation and its in-scope systems.
• Undertake risk assessments.
• Assisting with uplift of cyber security posture and awareness to protect systems and data.
• Collaborating with internal teams to ensure understanding of security risks and proposing fit-for-purpose mitigations.
• Supporting automation of collection and collation services for cyber reporting across multiple sources.
• Leading or supporting the team to deliver outcomes within scope, on time, on budget and to expected standards.
• Manage own workload to ensure client and company timelines are met.
• Consistently use the quality assurance process to deliver client results.
• Other duties as required.

Mandatory SkillsCyber Security Frameworks & Compliance

• Strong understanding of ISM, PSPF, Essential 8, NIST, ISO 27001/27002, and other relevant standards.
• Experience conducting compliance assessments and security audits.
• Ability to develop and embed cyber security policies aligned with industry best practices.

Risk Management & Threat Modelling

• Expertise in assessing, quantifying, and managing security risks.
• Proficiency in threat modelling tailored to organisational security needs.
• Capability to provide meaningful risk reporting and recommendations.

Security Documentation & Policy Development

• Experience in authoring security policies, process improvement plans, and security documentation.
• Ability to create clear and actionable security guidelines for organisations.

Cybersecurity Posture & Awareness

• Proven ability to uplift an organisation's security stance.
• Skilled in training and improving security awareness across teams.
• Technical Knowledge & Compliance Reporting; strong understanding of security authorization processes for systems.
• Experience in automating cyber reporting across multiple sources.

Required Skills

• Ability to work independently and with minimal oversight.
• Strong communication skills to collaborate with teams and stakeholders.
• Critical thinking to assess security gaps and propose solutions.

Why Fujitsu?

• We are an organisation with a strong set of values and a history of respecting fairness and equality, whilst promoting diversity, equity, and inclusion. We call this Be Completely You.
• We put people first and support professional and personal growth; we offer tailored career paths across our global organisation.
• We have an excellent reputation across the region and globally, with best-in-class reward and recognition programs, flexible work, volunteering leave, and more.
• We live our values of aspiration, trust, and empathy, all day, every day.

Commitment to Diversity, Equity and Inclusion

As an inclusive employer, Fujitsu aims to recruit a diverse range of talents. We welcome applications from women and gender-diverse people; Aboriginal and Torres Strait Islander people; Māori and Pacific people; LGBTI+ people; people with a disability; culturally and linguistically diverse people; veterans, the Australian Defence Force (ADF) and emergency responders. Transgender and gender-diverse applicants can request a copy of our Frequently Asked Questions to assist with the recruitment journey.

If you don't tick every box in this job description, please don't rule yourself out. We focus on hiring people who value inclusion, collaboration, adaptability, courage, and integrity.

For more information, please email careersapac@fujitsu.com.

Legal and application notes

Fujitsu does not accept unsolicited assistance from search firms for employment opportunities. All CVs or resumes submitted by search firms to any employee at our company without a valid written agreement in place for this position will be considered the sole property of our company. No fee will be paid if a candidate is hired by Fujitsu due to an agency referral where no existing agreement is in place with the Fujitsu Talent Acquisition Team. Where agency agreements are in place, introductions must be through engagement by the Fujitsu Talent Acquisition Team.

Role particulars

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Other
• Industries: IT Services and IT Consulting

#J-18808-Ljbffr

---