Cyber Security, GRC Specialist

2 days ago


Sydney, Australia Snowy Hydro Full time

**About Snowy**:
Snowy Hydro is a dynamic, integrated energy business that has been providing on-demand, reliable energy to Australia for generations. Snowy Hydro owns and operates a powerful combination of generation assets, including the mighty Snowy Mountains Scheme, gas and diesel plants, and contracted wind and solar energy. We also provide electricity and gas to about 1.5 million retail customers through our retail brands Red Energy and Lumo Energy.

Snowy 2.0 is Australia’s largest committed renewable energy project. This nation-building project will provide on-demand energy and large-scale storage for many generations to come.

**About the position**:
Are you a seasoned Cyber Security - Governance, Risk & Compliance Specialist with a proven ability to develop, implement, and manage information security governance, risk management, and compliance programs? We are seeking a professional who can ensure compliance with relevant laws, regulations, and industry standards, while proactively identifying, assessing and mitigating cyber risks.

**Key Responsibilities**:

- Develop, implement, and manage information security governance, risk management, and compliance programs.
- Ensure adherence to relevant laws, regulations, and industry standards, while proactively identifying and mitigating cyber risks.
- Develop, implement, and maintain information security policies, standards, guidelines, and procedures.
- Conduct information security risk assessments and maintain a comprehensive risk register.
- Ensure adherence to applicable Australian and international cybersecurity laws, regulations, and standards.
- Coordinate and support internal and external security audits.
- Collaborate effectively with IT, Legal, Audit, and business units to integrate security GRC requirements.

**About the location**:
This role can be based in either Melbourne or Sydney, offering flexibility to suit your lifestyle and preferences. We have an office in both cities providing excellent opportunities for professional growth, networking, and innovation in the cybersecurity and compliance space.

Whether you choose Melbourne—with its vibrant arts scene, diverse culture, and renowned food and coffee—or Sydney, known for its iconic harbour, dynamic business environment, and coastal lifestyle, you'll be working in a location that supports both career advancement and quality of life. Our centrally located offices in both cities are easily accessible by public transport and surrounded by a wide range of amenities.

**About you**:

- Degree in IT, Computer Science, Cybersecurity, or related field, or equivalent experience.
- 7+ years of progressive experience in information security, with a strong GRC focus.
- Proven hands-on experience developing and implementing security policies, standards, and procedures.
- Demonstrable experience conducting risk assessments and managing risk registers.
- Solid understanding of common information security frameworks (e.g., AESCSF, ISO 27001, Essential Eight) and Australian cybersecurity regulations (e.g., Privacy Act 1988, CPS 234).
- Excellent written and verbal communication, strong analytical skills, and ability to work independently and in a team.
- Relevant industry certifications (CISSP, CISM, CISA, CRISC, CompTIA Security+) are highly regarded.
- Experience with GRC platforms, cloud security, agile methodologies, and the energy/utilities industry is advantageous.

**About our workforce**:
Diversity and inclusion is important to us. Snowy Hydro has a culture of decency and inclusion, with a commitment to the health and wellbeing of our people and a supportive environment to ensure that everyone - regardless of background - feels included and can succeed. At Snowy Hydro, we recognise that we are made stronger by the unique capabilities and qualities that each individual brings, and we believe in providing an environment that allows that uniqueness to thrive.


