Cyber Security Governance, Risk

2 weeks ago


Sydney, New South Wales, Australia GWA Group Full time

Join our vibrant team at GWA, where our rich Australian and New Zealand heritage, technical expertise, and innovative drive, combine with our iconic brands to create something truly extraordinary. For over a century, we've been crafting innovative, high-quality products for homes and offices, including market-leading brands like Caroma, Methven and Clark.

Your new role

We take cyber security seriously at GWA, and it is pivotal to supporting our digital transformation and managing the direction of the infrastructure underpinning our digital growth. We are looking for a Cyber Security Governance, Risk & Compliance Engineer with experience across all facets of modern enterprise technologies to help us bring this transformation to life. Internally this role will be known as a Cyber Security Engineer.

This is a permanent, full-time position based in our Prestons office.

You will proactively partner with your stakeholders and the Technology team to drive best practice cyber security leadership across our transformation projects, all whilst supporting ongoing operational security activities.

As our new Cyber Security GRC Engineer, your key responsibilities will include but will not be limited to:

  • Lead the development, implementation, and improvement of cyber governance frameworks, policies, and procedures.

  • Oversee compliance with ISO27001 standards.

  • Manage risk assessments, audits, and incident response planning for clinical and digital environments.

  • Advise on regulatory changes and ensure organizational readiness for compliance.

  • Collaborate with internal and external stakeholders to promote a culture of security and compliance.

  • Monitor and report on compliance metrics, risk posture, and audit outcomes to executive leadership.

  • Support integration of AI governance, data protection, and privacy controls in clinical systems.

  • Champion secure-by-design principles in service architecture and digital transformation initiatives.

Secondary Responsibilities

  • Provide hands-on engineering capability for securing cloud services, especially Microsoft Azure.

  • Support system troubleshooting and resolution of high-priority security issues.

  • Design and develop resilient, secure patterns for cloud services and infrastructure.

  • Implement and manage Microsoft Purview for Data Loss Prevention (DLP), Insider Risk Management, and Information Protection, as well as PIM, Azure AD, Sentinel, Defender, Cloud App Security, and VWAN.

  • Oversee vulnerability and patch management tools (e.g., Rapid7).

  • Apply secure code practices and automation pipelines.

  • Conduct logging and monitoring using cloud-native SIEM architecture.

About you

You bring at least 3 years of experience in cyber governance, risk management, and compliance, ideally within regulated environments. Your background includes:

  • Implementing ISO27001 or similar frameworks in IoT settings.

  • Deep understanding of ISO27001 requirements and regulations.

  • Experience with AI governance, data loss prevention, insider risk management, and information protection.

  • Familiarity with public cloud infrastructure, Azure platforms, and Microsoft Purview.

  • Strong stakeholder engagement and communication skills.

Technical Qualifications (Required/Highly Desirable):

  • Certified ISO/IEC 27001 Lead Implementer

  • Cybersecurity industry certifications such as CISSP, CISM

  • Microsoft Azure AZ-500 certification.

  • Experience with MS Azure Security services (PIM, Azure AD, Sentinel, Defender, etc.).

Why you'll love it here

At GWA, you'll join a supportive, customer‑focused team that values collaboration and growth. We're on a journey from Good to Great, working with iconic brands and making a real difference for our customers every day.

You'll enjoy a great team environment, hybrid work options, onsite parking, and great product discounts, plus wellbeing support and an onboarding program that sets you up for success from day one.

Ready to make a difference?

Apply now and help us deliver service that stands out.

Ready to apply? Great! Just click the apply button to build your career with us.

Please note: You must be a citizen, permanent resident or hold all the relevant employment visas and other approvals for the location and duration of this position to apply for this role. Please note that we are not accepting applications from agencies for this position.


