Cyber Security Governance, Risk and Compliance Manager

Cyber Security Governance, Risk and Compliance Manager

Join to apply for the Cyber Security Governance, Risk and Compliance Manager role at Macquarie University

About the Role

Macquarie University is seeking a dynamic and experienced Cyber Security Governance, Risk and Compliance (GRC) Manager to lead the development and implementation of our cyber security GRC framework. This pivotal role ensures alignment with enterprise risk management and strategic objectives, while maintaining compliance with legal and regulatory requirements.

You will be a key advisor to senior leadership, shaping the University's cyber security posture across digital transformation, research infrastructure, and third-party engagements. This is an exciting opportunity to make a significant impact in a progressive, research-intensive university environment. This role reports to our Chief Information Security Officer.

Key Responsibilities

• Lead the design and enhancement of the University's cyber security GRC framework.
• Develop and maintain cyber security policies, procedures, and the Information Security Risk Register.
• Manage risk assessments, compliance audits, and control testing.
• Ensure compliance with NIST CSF, ASD Essential Eight, Privacy Act, and other relevant frameworks.
• Collaborate with internal and external stakeholders to align risk and compliance efforts.
• Prepare reports and briefings for senior leadership and governance bodies.
• Implement quantitative risk models (e.g., FAIR) to support strategic decision-making.
• Provide expert advice and support across the University on cyber risk and governance.

About you

You are a strategic thinker with deep expertise in cyber security governance, risk, and compliance. You thrive in complex environments and are passionate about building a strong security culture. You bring a collaborative approach and a commitment to excellence, along with the following qualifications and experience (selection criteria):

• Tertiary qualifications in Information Security, Risk Management, Business, Law, or related field
• Proven track record in designing, implementing, and managing risk-based governance structures, compliance programs, and audit processes in a large, multi-faceted organisation
• Strong understanding of the Australian regulatory environment, including the Privacy Act, TEQSA, Notifiable Data Breach scheme, PSPF, and critical infrastructure obligations
• Experience with GRC platforms and quantitative risk models (e.g., FAIR)
• Strong knowledge of ISO/IEC 27001, NIST CSF, Essential Eight, and Australian regulatory frameworks
• Excellent communication skills and stakeholder engagement capabilities
• Industry certifications (e.g., CISA, CRISC, CGEIT, FAIR Risk Analyst, CISSP) (Highly Desirable)

About Us

Macquarie is a university engaged with the real and often complex problems and opportunities that define our lives. Celebrating its 60th year in 2024, it was established as a bold experiment in higher education and designed to break from educational traditions to work in tandem with industry. Institutionally we strive for the extraordinary by challenging convention and embracing different views. Our pioneering culture has encouraged and inspired students, staff and collaborators to break free from conventional thinking, and to actively shape the complex issues that define the future of humanity.

Why work at Macquarie

We rank amongst the top employers in the Australian Workplace Employers Index, having recently earned a five-star rating in the QS World Rankings with the highest rating for employability.

Our prime location, we are walking distance from Macquarie University Metro Station and Macquarie Shopping Centre. Not only are we close, take a look at our benefits on offer:

• 17% Superannuation
• Subsidised onsite parking options
• Flexible working options
• Training and professional development
• Discounted health insurance (Medibank)
• Employee Assistance Program
• Subsidised membership at the Sport & Aquatic Centre

Please note: This position will require a Criminal Record check & Qualifications check. AGSVA security clearance may be required. We reserve the right to progress or decline an application prior to the application closing date.

If you're already part of the Macquarie Group (MQ University, U@MQ, MQ Health, MGSM), you'll need to apply through your employee Workday account. To apply for this job: Login to Workday and go to the Careers App > Find Jobs.

Applications Close

23/09/2025 11:59 PM

A Place Where You Belong

At Macquarie, we believe diversity makes us stronger, inclusion drives our success, and belonging inspires us to do our best work. We are proud to foster a community where different backgrounds, identities, and experiences are valued, and where our people are empowered to thrive through supportive leadership, shared responsibility, and a deep commitment to genuine care and respect for our community. Find out more about our vision for a truly inclusive workplace in our Diversity, Inclusion and Belonging Framework.

Flexible Work

At Macquarie, we believe by providing flexibility in when, where and how work is done, we can support our staff to manage their personal commitments, while optimising their work performance and contributions to the University. See how we lead in flexible work to enable an outcome focused and inclusive workplace. To learn more about our culture and hiring process, visit our Jobs at Macquarie page.

Seniority level

• Director

Employment type

• Full-time

Job function

• Information Technology and Education

Industries

• Technology, Information and Media and Computer and Network Security

Referrals increase your chances of interviewing at Macquarie University by 2x

Sign in to set job alerts for "Security Risk Manager" roles.

#J-18808-Ljbffr

---