Job Details

**Date Created**:
11/07/2025

**Title**:
Cyber GRC Specialist

**Company**:
ITC2

**Location**:
Tullamarine VIC

**Position**:
Contract

**Description**:

- Our Client is looking for a skilled **Cyber GRC Specialist** to join their APAC cybersecurity team. In this role, you'll help shape and maintain a strong Governance, Risk, and Compliance (GRC) framework that aligns with industry best practices and regulatory requirements. Your work will directly contribute to strengthening our cybersecurity posture across the region.
- **The requisite skills and experience defined below,**:

- **Australian Permanent Residence working rights, and**:

- **At least 3+ years of local working experience in the same or similar role.**

**Key Responsibilities**
- Support the development and continuous improvement of the organisations GRC program.
- Conduct third-party security risk assessments to evaluate vendor compliance, resilience, and security posture using GRC platforms.
- Assist in identifying and managing cybersecurity risks, including recommending and tracking control improvements.
- Perform internal security assessments, audits, and reviews to identify and mitigate risks.
- Deliver clear, actionable reports on risk heatmap, control effectiveness, and remediation progress.
- Coordinate evidence collection and documentation for cybersecurity and regulatory audits.

**What Were Looking For**
- 3+ years of experience in GRC.
- Good understanding of cyber security fundamentals.
- Strong understanding of cybersecurity frameworks and standards (e.g., NIST CSF, ISO 27001, PCI DSS, Essential Eight, CIS Controls).
- Experience with GRC platforms (e.g., Archer, 6clicks) and data visualisation tools (e.g., Power BI).
- Relevant certifications such as ISO27005 Risk manager, CRISC, or equivalent is highly desirable.
- Excellent communication and internal and external stakeholder engagement skills.

**Notes**:

- Your daily rate will depend on skills and experience.
- **Start date is ASAP.