Information Security GRC Analyst

Posted: 03/10/2025

Closing Date: 31/10/2025

Job Type: Permanent - Full Time

Location: Collingwood or Mascot

Job Category: Banking and Financial Services

Through the merger of Bank Australia and Qudos Bank we're creating a better, stronger and more resilient bank for our customers and employees. As one company with two trusted brands, we're building on the strong foundations of our history and shared values as we bring together the best of both banks.

As Information Security GRC Analyst, you'll support the development and continuous improvement of Bank Australia's information security and third-party assurance frameworks. You'll manage the Information Security Policy Framework, including security controls, policies and standards, while providing expert guidance on compliance and risk management. Working closely with stakeholders across the business, you'll help strengthen the bank's security posture through effective governance, risk identification and assurance practices.

Why join us

• We have big plans to become Australia's leading purpose-driven bank.
• As a certified B Corp, we're part of a global business community who meet the highest social and environmental standards, balancing profit and purpose.
• Every role and person in our bank is essential to bringing our values, purpose and aspiration to life.
• We offer flexible working options, competitive salary and 13% super.
• Our staff have access to a range of meaningful benefits to support their physical and mental wellbeing including 24/7 free counselling, free flu vaccinations and discounted gym memberships.
• We also support staff with study assistance, paid parental leave (regardless of gender), volunteer, bereavement, gender affirmation and family violence leave; and the opportunity for bonus annual leave.
• We support our staff to grow their careers through learning and development and an organisational culture where we reward and recognise innovation and values, not long hours.
• We are committed to building an inclusive culture and a diverse workforce that reflects the Australian community.
• We care for a conservation reserve – where we work with key partner organisations to protect threatened species and involve staff in conservation.

What you will be doing

• Manage and maintain the Information Security Policy Framework, including controls, policies and standards
• Provide guidance on physical, procedural and technical security controls across systems and processes
• Conduct risk assessments and business impact analyses for medium complexity systems and architectures
• Support information assurance activities, including accreditation planning and stakeholder engagement
• Monitor and optimise operational security processes, including cloud-based and automated systems
• Identify and assess risks and vulnerabilities, develop mitigation strategies and report findings
• Provide expert advice on security compliance, regulatory obligations and best-practice standards
• Collaborate with internal teams and delivery partners to ensure effective implementation of security measures
• Review system alerts and contribute to the development of assurance processes and documentation
• Maintain recognised specialist knowledge and contribute to planning and operations within the GRC domain.

What you will bring

• Strong experience in Information Security, Cyber Security GRC, IT Audit or related fields
• Strong knowledge of contemporary security frameworks and standards (e.g. NIST, ISO27001, PCI DSS)
• Experience developing and maintaining security policies, procedures and control frameworks
• Ability to assess and manage risks, conduct impact analyses and support compliance activities
• Excellent stakeholder engagement, communication and collaboration skills
• Strong planning, analytical thinking and adaptability in complex environments
• Bachelor's degree in IT, business, finance or related field (desirable)
• Security certifications such as Security+, CISA or equivalent (desirable)
• Experience in financial services (highly regarded)
• Commitment to Bank Australia's purpose, values, and B Corp ethos.

By submitting an application you agree to Bank Australia's Privacy Policy for applicants and confirm that you are legally able to work in Australia. Bank Australia is an equal opportunity employer committed to sustainable development. We encourage people from different backgrounds to apply, including Aboriginal and Torres Strait Islander people, people from different cultural backgrounds and people with disabilities because we want to reflect the diversity of our communities. We are committed to making reasonable adjustments to provide a positive, barrier-free recruitment process and supportive workplace.

Bank Australia reserves the right to withdraw this advertisement at any time. Candidates will be progressed as applications are received, rather than after the advertisement closure date. If you wish to be considered, please submit your application as soon as possible. Please note, the successful candidate will be subject to satisfactory background checks including but not limited to police and previous employment.