
Cyber Governance Risk and Compliance Specialist
21 hours ago
Role: Cyber Governance Risk and Compliance Specialist
Salary: 100,000 AUD plus superannuation
Job Type: Full-time, Permanent
Working Hours: 38 hours per week
Location: Melbourne, Victoria, Australia
Key Responsibilities
- Lead the governance, risk, and compliance (GRC) function for cyber security, ensuring alignment with organisational objectives, regulatory requirements, and industry best practices.
- Develop, implement, and manage enterprise-wide information security governance, risk management, and compliance programs.
- Ensure adherence to applicable Australian and international cybersecurity laws, regulations, and standards.
- Plan, implement, and conduct internal and external audits for various standards, including ISO 27001, ISO 22301, ISO 27701, SOC 2, and NIST frameworks.
- Develop, implement, and maintain cyber security policies, standards, guidelines, and procedures, including database-related security documentation.
- Implement and administer database documentation, guidelines, policies, and procedures to ensure data integrity, confidentiality, and availability.
- Test database systems and upgrades, including debugging, issue reproduction, logging, tracking, and resolving all identified problems in accordance with approved quality testing scripts, procedures, and processes.
- Conduct and maintain comprehensive cyber risk assessments and maintain an up-to-date risk register.
- Lead cyber control assurance and testing activities to validate control effectiveness.
- Perform third-party security risk assessments and contractual security clause reviews.
- Manage compliance with internal security policies and regulatory requirements, ensuring evidence-based audit readiness.
- Oversee security exemptions, waivers, and cyber maturity assessments.
- Deliver actionable cyber security reporting, dashboards, and key risk metrics to executives and stakeholders.
- Collaborate with IT, Legal, Audit, and business units to embed GRC requirements into technology and operational processes.
- Support continuous improvement of governance frameworks, processes, and toolsets.
Key Skills & Experience
- Degree in Information Technology, Computer Science, Cybersecurity, or related discipline; or equivalent professional experience.
- 8+ years' experience in information security, with a strong focus on governance, risk, and compliance.
- Proven track record of planning, implementing, and auditing security frameworks, including ISO 27001, ISO 22301, ISO 27701, SOC 2, and NIST.
- Demonstrable experience conducting cyber risk assessments, managing risk registers, and overseeing remediation activities.
- In-depth understanding of common security frameworks and regulations, including AESCSF, ISO 27001, Essential Eight.
- Strong knowledge and hands-on experience in Network, Cloud, and Virtualisation platforms.
- Practical experience with EDR, MDR, DLP, email security, and vulnerability management solutions.
- Familiarity with GRC platforms and related reporting tools.
- Experience in database security governance, including implementing documentation, policies, and procedures.
- Experience with database system testing (debugging, reproducing, tracking, and resolving issues) in line with quality assurance processes.
- Excellent analytical, problem-solving, and communication skills, with the ability to convey complex concepts to both technical and non-technical audiences.
- Relevant industry certifications (CISSP, CISA) – mandatory.
- Experience working in regulated industries such as energy/utilities, financial services, or government is advantageous.
-
Cyber Governance, Risk and Compliance Manager
2 weeks ago
Melbourne, Victoria, Australia St John of God Health Care Full time $150,000 - $180,000 per year
Your role at St John of God Health Care
This is an exciting time to join, as we are digitalising our future through a major investment in technology transformation to enhance patient care and experience. Our Digital Security team is at the forefront of this journey ensuring our systems, data, and people remain secure. St John of God Health Care (SJOG) are...
-
Melbourne, Victoria, Australia Department of Health Full time $70,000 - $120,000 per year
About the role:
The Principal Cyber Security Analyst Governance, Risk & Audit is responsible for leading and executing end-to-end activities related to internal and external audits, governance forums, cyber security performance reporting, and cyber risk management. This role plays a key part in strengthening the department's cyber resilience by identifying...
-
Melbourne City Centre, Victoria, Australia Victorian Government - Department of Health Full time $120,000 - $180,000 per year
About the role:
The Principal Cyber Security Analyst Governance, Risk & Audit is responsible for leading and executing end-to-end activities related to internal and external audits, governance forums, cyber security performance reporting, and cyber risk management. This role plays a key part in strengthening the department's cyber resilience by identifying...
-
Risk & Compliance Specialist
6 days ago
Melbourne, Victoria, Australia Guild Group Full time $80,000 - $120,000 per year
Who are we.
Guild Insurance is Australia's leading provider of insurance solutions for allied healthcare professionals. For over 60 years, we have delivered exceptional products, services, and unparalleled customer experiences, driven by genuine care for our clients' professional and financial well-being. With over 140 industry partnerships and 80,000...
-
Compliance and Risk Specialist
19 hours ago
Melbourne, Victoria, Australia Hudson Full time $90,000 - $120,000 per year
Lead and manage complex compliance investigations. Provide advice, training, and mentoring on compliance and risk. Build strong relationships with internal and external stakeholders.
Our client is seeking an experienced Compliance and Risk Specialist to join their Risk, Assurance and Standards team. In this role, you will lead and manage strategic...
-
Cyber Advisory
24 hours ago
Melbourne, Victoria, Australia Scyne Advisory Full time $120,000 - $180,000 per year
One purpose, one practice
We are public purpose sector specialists who support governments and their agencies, and not-for-profit organisations, to deliver services to Australians, helping to build more resilient, equitable, secure and prosperous communities. We are guided by our values of Stronger Together, Amplify Impact, Build Trusted Relationships, Value...
-
Senior Cyber Governance Officer
2 weeks ago
Melbourne, Victoria, Australia Emanate Technology Pty Ltd Full time $150,000 per year
We are seeking a skilled Senior Cyber Governance Officer to lead governance, risk, and compliance activities across a growing enterprise security function. This is an exciting opportunity to shape security posture, strengthen compliance frameworks, and work directly with senior leadership to support both internal operations and client-facing services. About...
-
Senior Governance Risk Compliance Analyst
1 week ago
Melbourne, Victoria, Australia Future Fund Full time $70,000 - $120,000 per year
About Future Fund
At the Future Fund, we're for future minds - like yours. The new investors and creators who thrive on different thinking and doing it together. Those who glimpse opportunity before it strikes and step up every day to grab it. The Future Fund is Australia's Sovereign Wealth Fund, managing over $310 billion across seven public asset funds with...
-
Risk & Compliance Specialist
2 weeks ago
Melbourne, Victoria, Australia Sportsbet Full time $90,000 - $120,000 per year
5 weeks annual leave + other amazing benefits. Genuine Career Development opportunities. Melbourne based role (WFH Monday and Fridays).
About Us
At Sportsbet, we're all about bringing excitement to life for our 2.4 million customers. As part of the global Flutter Group, we're a tight-knit team of 1,300 in Melbourne, Sydney, and Darwin, passionate about challenging the...
-
Technology Risk and Compliance
5 days ago
Melbourne, Victoria, Australia Infosys Singapore & Australia Full time $120,000 - $250,000 per year
Location: Sydney/Melbourne Only. Please do not apply if you do not reside in Australia.
About Infosys Consulting
As a Senior Principal within Infosys Consulting, you will pursue and grow deep client relationships, operating at the executive and senior management levels. You will also provide leadership on our most critical engagements, working closely with...