Cyber Security GRC Associate

THE COMPANY:

More ) and Tangerine ) are two fast-growing challenger brands in the telecommunications space, offering nbn, mobile and fixed voice products to consumers and small businesses right across Australia. We're rapidly expanding and on the lookout for a Cyber Security GRC Associate.

As the Cyber Security GRC Associate at More Telecom and Tangerine Telecom, you'll join a multi-award-winning company. We were certified as a 'Great Place to Work' in 2023, named Smart50 Workplace Winners for our inventive approach to people and culture, and included in the AFR Fast 100 for 2003. We take pride in creating a workplace that values simplicity, transparency, and customer support.

We're part-owned by the Commonwealth Bank of Australia (CBA) who acquired a stake in mid-2021, a partnership that delivers special benefits for CommBank customers and staff.

ABOUT THE ROLE:

We're looking for a motivated Cyber GRC Associate to join our Cyber Security team in Melbourne. This junior role is ideal for recent graduates or professionals with 1–2 years of experience who are passionate about cybersecurity and eager to grow in a dynamic environment.

As a GRC Associate, you'll support the organisation's cybersecurity governance and assurance activities. You'll contribute to documenting controls, conducting risk assessments, maintaining compliance records, and continuously improving our security posture.

You'll work closely with our Cyber Security Architect and other stakeholders to ensure our practices align with internal policies, regulatory obligations, and recognised industry standards.

RESPONSIBILITIES:

• Assist in documenting and maintaining key cybersecurity controls in alignment with standards such as ISO/IEC 27001 and PCI-DSS.
• Support the maintenance of the Cyber Risk and Controls Register in collaboration with technology, risk, and compliance stakeholders.
• Contribute to control testing activities using the company's Assurance Methodology to help evaluate the effectiveness of cybersecurity controls across systems, applications, and IT General Controls.
• Help develop and maintain cybersecurity policies, standards, and procedures under the guidance of senior team members.
• Assist in integrating key controls into GRC platforms (e.g., Vanta) and automated assurance tools to support control automation and monitoring.
• Support the preparation of management reports and dashboards that provide visibility into the risk and control landscape.
• Track progress on risk reduction initiatives and assist in documenting remediation efforts.

EXPERIENCE & SKILLS:

Experience

• 1–2 years of experience in cybersecurity, IT risk, compliance, or audit roles, or relevant academic/internship experience.
• Familiarity with industry frameworks and standards such as ISO/IEC 27001, and PCI-DSS is highly desirable.
• Basic understanding of IT General Controls (ITGCs) and foundational knowledge of risk assessment and control assurance practices.
• Exposure to technologies such as Azure, firewalls, identity and access management (IAM), intrusion detection/prevention systems (IDS/IPS), encryption, and SIEM platforms.
• Experience or familiarity with GRC platforms and/or Continuous Controls Monitoring and Assurance (CCMA) tools—experience with platforms such as Vanta is a strong advantage.

Skills

• Degree in cybersecurity or related fields.
• Strong attention to detail and a structured, process-oriented mindset.
• Basic understanding of cybersecurity principles, risk management, and compliance frameworks.
• Ability to interpret and apply policies, standards, and regulatory requirements.
• Proficient in documenting processes, controls, and findings clearly and accurately.
• Effective communication skills, both written and verbal, with the ability to collaborate across technical and non-technical teams.
• Analytical thinking and problem-solving abilities, with a willingness to learn and adapt.
• Familiarity with Microsoft Office tools (Excel, Word, PowerPoint); experience with GRC platforms (e.g., Vanta) is a plus

THE PERKS

Apart from a great company culture, we offer you:

• Free home internet & mobile phone plan
• Ongoing learning and development opportunities
• $150 voucher and a day off to celebrate your birthday.
• Generous paid Parental Leave
• Work anniversary prizes
• Positive Customer Feedback & Employee Shout Out prizes.
• AFL and BBL season tickets
• Samsung product discounts through our partnership
• Partnerships with reputable charities, namely, Telco Together and Pancare
• Our famous Christmas party (it's a big deal)

This is a fantastic opportunity to kickstart your career in cybersecurity while making a meaningful impact on our organisation's risk and compliance maturity.