Security Governance, Risk

We’ve been trusted to serve Aussie communities since 1914 and grown to become a top 30-listed on the ASX with 120,000 team members and a portfolio of iconic brands. At Coles Group, you’ll not only get to make a difference to millions of Aussie lives—you’ll also get to see your impact.

**About the team**

Technology is the backbone of our business. Every day, our team solves complex and meaningful problems. Those solutions help thousands of our fellow team members succeed, and make millions of customers’ lives easier every day.

The Technology Transformation vision and scope is to evolve organisational capabilities that enable and empower teams to continuously provide the highest value to customers at an ever-increasing pace.

**About the role**

The Information Security team is accountable for all aspects of Information Security across Coles including Strategy & Architecture, Governance & Compliance, Security Detection & Response, Cloud Security and Security Technologies. The role of Security Governance, Risk and Compliance Manager will be accountable for all aspects across Cole’s governance and within the risk and compliance landscape.

The Security Governance, Risk and Compliance Division (GRC), which is part of the wider Information Security Team, provides a diverse range of security services to Coles including management of our cyber risk tooling and processes (Archer) & controls assurance process.

As a Security GRC Manager within the GRC team you will take ownership of our risk and compliance toolset (Archer) and associated operational and governance processes. You will liaise with information systems owners across Coles to influence and assist, in building and maintaining both a compliance and risk profile.

You are the SME in offering ongoing support and leadership, managing complex security issues across a large-scale mission-critical business environment and advising internal and external stakeholders by generating risk and compliance governance reports to identify change, issues, and possible improvement across the organisation.

You’ll also:

- Generate, collate, and present metrics and reporting on the operation of Coles security services.
- Assist with the development and maintenance of Coles security policy, standards, and guidelines in line with regulatory requirements, industry and technology changes
- Liaise with information system owners to support them in maintaining risk and compliance profiles and risk treatment plans.
- Work across multiple other services provided by the Security GRC team.

**About you and your skills**

This role will require an experienced security specialist who can offer guidance and support across a complex and large scaled security landscape. You will draw from your past experiences in managing GRC processes, delivering and consulting on technical and non-technical concepts to ensure the Coles’ business meets all relevant security standards.

You will bring a wealth of experience in information security and a specialty in Security Governance, Risk and Compliance (GRC). You will offer technical and non-technical support, across internal and external stakeholders to ensure security standards and regulatory compliance requirements are met and provide ongoing support across various GRC issues and queries.

You will be a catalyst in providing advice, developing key processes and driving ongoing change across Coles’ security landscape.

You’ll also need.
- Experience in working across a large-scale and complex security environment managing all aspects of the risk, compliance and governance reporting.
- The ability to advise on technical and non-technical security requirements and or issues.
- Extensive experience in establishing and operating security controls compliance programs for large organisations, including planning and roadmap development.
- Proficiency in working with GRC products e.g. RSA Archer.
- Familiarity with relevant security frameworks and standards such as ISO 27000 series, ISO 31000, PCI-DSS, Essential 8, NIST CSF.

With us it’s not about the discounts (although you do get those), it’s about joining a team where your wellbeing and professional development is invested in and celebrating your contributions is the norm. And because everyone leads unique lives, we offer flexible work including work from home, additional leave and parental leave entitlements.

**Safer together**:
Job ID: 66203

Employment Type: Full time