Cyber Governance, Risk, and Compliance

Posted 1 day ago

Sydney, Australia | AI Talent | Full time

**About the Role**

We are seeking an experienced **Cyber Governance, Risk, and Compliance (GRC) Specialist** to lead the implementation and continuous improvement of our organisation’s cybersecurity governance framework. This position is pivotal in ensuring that our systems, data, and infrastructure adhere to internal policies and external regulatory obligations, while proactively managing cyber risk and compliance across the enterprise.

You will work closely with executive leadership, IT teams, and external stakeholders to develop strategies, monitor controls, and report on risk posture, audit outcomes, and compliance metrics.

**Key Responsibilities**
- Lead the design, implementation, and management of cybersecurity governance frameworks, including policies, standards, and procedures aligned to ISO 27001, NIST, Essential Eight, and other relevant standards.
- Develop and maintain the organisation’s information security risk register and assist with risk treatment planning and mitigation strategies.
- Coordinate internal and external audits related to cybersecurity and manage compliance reporting (e.g., SOC 2, ISO 27001, CPS 234, GDPR).
- Provide expert advice to business and IT leaders regarding security requirements, regulatory changes, and risk implications of new projects or technologies.
- Monitor compliance with security policies, identify gaps, and drive remediation in collaboration with system and security teams.
- Develop metrics and reporting dashboards for executive oversight of cyber risk, control effectiveness, and incident trends.
- Lead training and awareness initiatives to embed a culture of security and compliance across all departments.
- Liaise with external auditors, regulators, and compliance authorities where required.

**Required Skills & Experience**
- Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, or related field.
- Minimum 5 years of experience in a cybersecurity GRC or Information Security Compliance role.
- Strong understanding of risk management frameworks (e.g., ISO 27005, NIST RMF, FAIR) and regulatory standards (e.g., CPS 234, GDPR, PCI-DSS, SOX).
- Demonstrated experience leading internal/external security audits and vendor risk assessments.
- Excellent communication and stakeholder engagement skills, including report writing and executive briefings.
- Familiarity with GRC platforms and SIEM tools (e.g., Archer, ServiceNow GRC, Splunk, Microsoft Defender).
- Relevant certifications preferred: **CISM**, **CISSP**, **CRISC**, **ISO 27001 Lead Auditor**, or equivalent.

**Why Join Us?**
- Work with a dedicated team driving cyber resilience across the organisation.
- High-visibility role influencing security posture and risk culture at the executive level.
- Career development and upskilling opportunities in a supportive environment.
- Flexible working arrangements with a hybrid or remote-friendly structure.

**Job Types**: Full-time, Permanent

**Pay**: $70,000.00 - $120,000.00 per year

**Benefits**:

- Work from home

**Work Authorisation**:

- Australia (required)

**Work Location**: Hybrid remote in Sydney NSW 2000
