Governance, Risk and Compliance Advisor

Our Why
Datacom works with organisations and communities across Australia and New Zealand to make a difference in people’s lives and help organisations use the power of tech to innovate and grow.
About the Role (your why)
With the ever-emerging threat on IT systems it is imperative Datacom continue to grow our Cyber practice. Are you interested in honing and developing your current skillset in Cybersecurity?
Are you passionate about learning Cyber Security technologies and want to be integral to the Datacom team? Your key attributes will be;
- Ability to engage with different, people, processes and technologies.
- Should be comfortable in front of a customer in delivery of consulting with some understanding of technologies.
- Always seeking improvement in themselves and within aspects of delivery.
- Open-mindedness and the ability to be provided with risk mitigation options from various stakeholders.
- Able to see the bigger picture and understands the concept that a risk can be mitigated various ways through various methods.
- Able to work independently or part of a team, share knowledge.

Our offices are based in, Canberra, we like to bring people together in person when we can, but we are mindful of the benefits of working from home for work/ life balance. We therefore leave it to you and the team you join to figure out what works best
Please note that to be successful in this role you will need to be an Australian Citizen, and be eligible for Baseline/ NV1 Security Clearance.
What you’ll do
Your key responsibilities as a Governance, Risk and Compliance Advisor are:

- Identify, develop and implement Security processes, standards and policies
- Work closely with our internal business units and clients to ensure adherence to Information Security Manual (ISM) and The Protective Security Policy Framework (PSPF)
- On-going auditing, monitoring and improvement of security controls, including the development of Threat and Risk Assessments (TRA), System Security Plans (SSP), and Security Risk Management plans (SRMP).
- ISO27K framework and knowledge of building and running an Information Security Management System (ISMS)
- Providing guidance, education, and training to ensure adherence and compliance (people, processes, and technology)

We are a pretty agile company, and are keen to respond to customer, technology and internal stakeholders’ changing requirements and this can mean we evolve in our roles to meet those needs.
What you’ll bring
- Minimum 3 years of experience in information security, audit, assurance, governance, risk or compliance and a sound understanding of information security principles, polices and standards
- The GRC Advisor must have a detailed knowledge of agency specific and Australian Government protective security policy, principles, and minimum standards, and be provided with opportunity to maintain this knowledge
- Some technical knowledge to make informed decisions about business risks from vulnerabilities
- Ideally, you will be industry certified and may even hold a CISSP, CISM, MS or equivalent certifications.
- Experience in developing and administering an information security program (desirable).

Why join us here at Datacom?
Datacom is one of Australia and New Zealand’s largest suppliers of Information Technology professional services. We have managed to maintain a dynamic, agile, small business feel that is often diluted in larger organisations of our size. It's our people that give Datacom its unique culture and energy that you can feel from the moment you meet with us.
We care about our people and provide a range of perks such as social events, chill-out spaces, remote working, flexi-hours and professional development courses to name a few. You’ll have the opportunity to learn, develop your career, connect and bring your true self to work. You will be recognised and valued for your contributions and be able to do your work in a collegial, flat-structured environment.
We operate at the forefront of technology to help Australia and New Zealand’s largest enterprise organisations explore possibilities and solve their greatest challenges, so you will never run out of interesting new challenges and opportunities.
We want Datacom to be an inclusive and welcoming workplace for everyone and take pride in the steps we have taken and continue to take to make our environment fun and friendly, and our people feel supported.