Cyber Governance Risk and Compliance Specialist

13 hours ago


Melbourne, Victoria, Australia | C9 Group | Full time | $120,000 - $150,000 per year

Role: Cyber Governance Risk and Compliance Specialist

Salary: 100,000 AUD plus superannuation

Job Type: Full-time, Permanent

Working Hours: 38 hours per week

Location: Melbourne, Victoria, Australia

Key Responsibilities

  • Lead the governance, risk, and compliance (GRC) function for cyber security, ensuring alignment with organisational objectives, regulatory requirements, and industry best practices.
  • Develop, implement, and manage enterprise-wide information security governance, risk management, and compliance programs.
  • Ensure adherence to applicable Australian and international cybersecurity laws, regulations, and standards.
  • Plan, implement, and conduct internal and external audits for various standards, including ISO 27001, ISO 22301, ISO 27701, SOC 2, and NIST frameworks.
  • Develop, implement, and maintain cyber security policies, standards, guidelines, and procedures, including database-related security documentation.
  • Implement and administer database documentation, guidelines, policies, and procedures to ensure data integrity, confidentiality, and availability.
  • Test database systems and upgrades, including debugging, issue reproduction, logging, tracking, and resolving all identified problems in accordance with approved quality testing scripts, procedures, and processes.
  • Conduct and maintain comprehensive cyber risk assessments and maintain an up-to-date risk register.
  • Lead cyber control assurance and testing activities to validate control effectiveness.
  • Perform third-party security risk assessments and contractual security clause reviews.
  • Manage compliance with internal security policies and regulatory requirements, ensuring evidence-based audit readiness.
  • Oversee security exemptions, waivers, and cyber maturity assessments.
  • Deliver actionable cyber security reporting, dashboards, and key risk metrics to executives and stakeholders.
  • Collaborate with IT, Legal, Audit, and business units to embed GRC requirements into technology and operational processes.
  • Support continuous improvement of governance frameworks, processes, and toolsets.

Key Skills & Experience

  • Degree in Information Technology, Computer Science, Cybersecurity, or related discipline; or equivalent professional experience.
  • 8+ years' experience in information security, with a strong focus on governance, risk, and compliance.
  • Proven track record of planning, implementing, and auditing security frameworks, including ISO 27001, ISO 22301, ISO 27701, SOC 2, and NIST.
  • Demonstrable experience conducting cyber risk assessments, managing risk registers, and overseeing remediation activities.
  • In-depth understanding of common security frameworks and regulations, including AESCSF, ISO 27001, Essential Eight.
  • Strong knowledge and hands-on experience in Network, Cloud, and Virtualisation platforms.
  • Practical experience with EDR, MDR, DLP, email security, and vulnerability management solutions.
  • Familiarity with GRC platforms and related reporting tools.
  • Experience in database security governance, including implementing documentation, policies, and procedures.
  • Experience with database system testing (debugging, reproducing, tracking, and resolving issues) in line with quality assurance processes.
  • Excellent analytical, problem-solving, and communication skills, with the ability to convey complex concepts to both technical and non-technical audiences.
  • Relevant industry certifications (CISSP, CISA) – mandatory.
  • Experience working in regulated industries such as energy/utilities, financial services, or government is advantageous.

