Security Grc Analyst

**Will you actively create a healthier future for tomorrow?**

At Medibank we’re encouraged to think big. We have a clear purpose to impact better health outcomes for our customers, patients and our community.

We celebrate diversity of thought because we want to make better decisions for our customers. As we work towards our goal of better health for better lives, we value the knowledge and contribution of Aboriginal and Torres Strait Islanders. We are working hard to create an inclusive workplace and develop Indigenous careers.

**The Opportunity**

An exciting opportunity for a future oriented human to join our Security Consulting team, as Security GRC Analyst.

In this role, you will be responsible for supporting the delivery of key security capabilities and outcomes. This includes, delivery and compliance of third-party assurance standards, including undertaking security risk assessments and reporting, providing advice to internal and external stakeholders on Medibank’s security practices and controls, and contributing to related security risk and compliance assurance activities.

Your day-day will vary with opportunities to support internal and external audits, execute third party risk assessments, get involved with initiatives to uplift processes, standards, and security requirements, and develop and establish training to provide stakeholders with the necessary cyber security skills and knowledge.

The team work flexibly with innovative ways of working practices and are provided with exciting career and learning opportunities, as we focus on creating a more fulfilled, healthier, and joyful place to work.

**Where you can add value**
- Embed and monitor compliance to implemented IT Security policies, standards, and procedures across the organisation.
- Maintain IT Security Risk Registers to continuously track and drive mitigation and resolution efforts.
- Identify Medibank’s IT Security requirements against key regulatory and industry best practice standards.
- Increase security posture and awareness within the organisation by supporting the delivery of the Security Awareness Training Program, workshops, and other engagements.
- Conduct periodic testing and evaluation of the effectiveness of security policies, procedures, and controls.
- Develop relationships with key stakeholders throughout Data & Technology and the broader business.

**So, who are we looking for?**

We’re looking for a dedicated analyst who has proven knowledge of information security and risk management processes, with a general understanding of technical security controls and technologies.

To be successful, you’ll have the ability to build and maintain productive relationships with key stakeholders and possess strong verbal and written communication skills, with the ability to communicate technical information to other technical and non-technical audiences. You have experience working independently across multiple third parties and business units at one time and are comfortable with ambiguity.

Experience in the Private Health Insurance industry is advantageous.

**A career with us**

At Medibank, we believe work is something we do, not somewhere we go. Our modes of working - Collaboration, Connection and Concentration - help inform how your day is structured and where you choose to work will vary, depending on your role and requirements.

We offer a range of great benefits such as subsidised private health insurance, rewards and discounts, and health and wellbeing initiatives. To find out more, click here.

**To start small and impact bigger.