
Cyber Governance, Risk, and Compliance
3 weeks ago
About the Role
We are seeking an experienced Cyber Governance, Risk, and Compliance (GRC) Specialist to lead the implementation and continuous improvement of our organisation’s cybersecurity governance framework. This position is pivotal in ensuring that our systems, data, and infrastructure adhere to internal policies and external regulatory obligations, while proactively managing cyber risk and compliance across the enterprise.
You will work closely with executive leadership, IT teams, and external stakeholders to develop strategies, monitor controls, and report on risk posture, audit outcomes, and compliance metrics.
Key Responsibilities
Lead the design, implementation, and management of cybersecurity governance frameworks, including policies, standards, and procedures aligned to ISO 27001, NIST, Essential Eight, and other relevant standards.
Perform risk assessments and control evaluations to identify cybersecurity risks across infrastructure, applications, and third-party vendors.
Develop and maintain the organisation’s information security risk register and assist with treatment planning and mitigation strategies.
Coordinate internal and external audits related to cybersecurity and manage compliance reporting (e.g., SOC 2, ISO 27001, CPS 234, GDPR).
Provide expert advice to business and IT leaders regarding security requirements, regulatory changes, and risk implications of new projects or technologies.
Monitor compliance with security policies, identify gaps, and drive remediation in collaboration with system and security teams.
Develop metrics and reporting dashboards for executive oversight of cyber risk, control effectiveness, and incident trends.
Lead training and awareness initiatives to embed a culture of security and compliance across all departments.
Liaise with external auditors, regulators, and compliance authorities where required.
Required Skills & Experience
Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, or related field.
Minimum 5 years of experience in a cybersecurity GRC or Information Security Compliance role.
Strong understanding of risk management frameworks (e.g., ISO 27005, NIST RMF, FAIR), and regulatory standards (e.g., CPS 234, GDPR, PCI-DSS, SOX).
Demonstrated experience leading internal/external security audits and vendor risk assessments.
Excellent communication and stakeholder engagement skills, including report writing and executive briefings.
Familiarity with GRC platforms and SIEM tools (e.g., Archer, ServiceNow GRC, Splunk, Microsoft Defender).
Relevant certifications preferred: CISM, CISSP, CRISC, ISO 27001 Lead Auditor, or equivalent.
Why Join Us?
Work with a dedicated team driving cyber resilience across the organisation.
High-visibility role influencing security posture and risk culture at the executive level.
Career development and upskilling opportunities in a supportive environment.
Flexible working arrangements with a hybrid or remote-friendly structure.
-
Cyber Governance, Risk and Compliance Specialist
2 weeks ago
West Perth, Australia Royal Automobile Club of WA Full time
Join our IT team as a Governance, Risk and Compliance (GRC) Specialist and help us shape and secure the cyber future of RACWA. You will play a key role in developing and implementing cyber governance frameworks and processes, ensuring that we meet our IT security and compliance goals. You will also create and maintain documentation to demonstrate our...
-
Cyber Governance, Risk
2 weeks ago
Sydney, Australia King & Wood Mallesons Full time
New role to the firm - Enhance what we have and take the next step in your career - With a few years' experience behind you, you will be looking to introduce what you’ve learnt in developing and implementing cyber governance frameworks and processes, ensuring that we meet our information security and compliance goals. - As a leading law firm, we actively seek...
-
Sydney, Australia TAL Full time
Company Description: Welcome to This Australian Life. From the millions of Australians we protect, to those that make it happen every day at TAL, people really are what we’re all about. We want to grow with you. Achieve with you. And support you to do your best work. That's why we're focused on developing leadership, promoting diversity, rewarding...
-
Sydney, New South Wales, Australia Macquarie University Full time
Cyber Security Governance, Risk and Compliance Manager
About the Role: Macquarie University is seeking a dynamic and experienced Cyber Security Governance, Risk and Compliance (GRC) Manager to lead the development and implementation of our cyber security GRC...
-
Technology Risk
3 weeks ago
NSW - Sydney - City & Inner West, Australia KPMG Full time
Our Technology Risk and Cyber team advises clients about their potential cyber and IT risks and opportunities. We work as an integrated business and as part of a larger multi-disciplinary team. The team draws on a diverse and dedicated group of people, powerful KPMG methodologies, innovating capability and assets, and global resources to support our clients...
-
Cyber Sec Governance
2 days ago
Sydney, Australia University of New South Wales Full time
**Job no**: 528006
**Work type**: full time
**Location**: Sydney, NSW
**Categories**: Information Technology, Cyber
- Employment Type: full time continuing role as a Cyber Security Governance and Compliance Manager
- Excellent salary package including superannuation
- Location: UNSW Kensington Campus (Hybrid Working Opportunities)
**About UNSW**: UNSW...
-
Governance, Risk and Compliance Analyst
2 days ago
West Perth, Australia Royal Automobile Club of WA Full time
As a Governance, Risk and Compliance Analyst you will be responsible for maintaining cyber governance processes and practices to support RACWA in managing security risks and compliance obligations. This includes documenting processes for assuring compliance with organisational and regulatory requirements, procedures and standards. What will you be doing? -...
-
Sydney, Australia Commonwealth Bank Full time
**Executive Manager Group Cyber Governance and Compliance**
- **You are** a passionate Cyber Security Leader with strong expertise in governance, risk and compliance and a demonstrated capability to lead and develop people
- **We are one** of the best and most advanced Cyber Security teams in Australia
- **Together we can** contribute to...
-
Coordinator Cyber Risk and Compliance
1 week ago
Sydney Olympic Park, Australia Ambulance Service of NSW Full time
**Employment Type**: Permanent Full Time, 38 hours per week
**Position Classification**: Health Mgr level 2
**Salary Range**: $109,857 per annum - $129,624 per annum + 12% super and benefits
**Location**: NSW Ambulance State Operations Centre, Sydney Olympic Park
**Closing Date**: 24 July 2025
**ABOUT NSW AMBULANCE** NSW Ambulance is an integral part of the NSW...