Cyber Governance, Risk, and Compliance
12 hours ago
About the Role
We are seeking an experienced Cyber Governance, Risk, and Compliance (GRC) Specialist to lead the implementation and continuous improvement of our organisation's cybersecurity governance framework. This position is pivotal in ensuring that our systems, data, and infrastructure adhere to internal policies and external regulatory obligations, while proactively managing cyber risk and compliance across the enterprise.
You will work closely with executive leadership, IT teams, and external stakeholders to develop strategies, monitor controls, and report on risk posture, audit outcomes, and compliance metrics.
Key Responsibilities
- Lead the design, implementation, and management of cybersecurity governance frameworks, including policies, standards, and procedures aligned to ISO 27001, NIST, Essential Eight, and other relevant standards.
- Perform risk assessments and control evaluations to identify cybersecurity risks across infrastructure, applications, and third-party vendors.
- Develop and maintain the organisation's information security risk register and assist in the treatment planning and mitigation strategies.
- Coordinate internal and external audits related to cybersecurity and manage compliance reporting (e.g., SOC 2, ISO 27001, CPS 234, GDPR).
- Provide expert advice to business and IT leaders regarding security requirements, regulatory changes, and risk implications of new projects or technologies.
- Monitor compliance with security policies, identify gaps, and drive remediation in collaboration with system and security teams.
- Develop metrics and reporting dashboards for executive oversight of cyber risk, control effectiveness, and incident trends.
- Lead training and awareness initiatives to embed a culture of security and compliance across all departments.
- Liaise with external auditors, regulators, and compliance authorities where required.
Required Skills & Experience
- Bachelor's degree in Cybersecurity, Information Technology, Risk Management, or related field.
- Minimum 5 years of experience in a cybersecurity GRC or Information Security Compliance role.
- Strong understanding of risk management frameworks (e.g., ISO 27005, NIST RMF, FAIR), and regulatory standards (e.g., CPS 234, GDPR, PCI-DSS, SOX).
- Demonstrated experience leading internal/external security audits and vendor risk assessments.
- Excellent communication and stakeholder engagement skills, including report writing and executive briefings.
- Familiarity with GRC platforms and SIEM tools (e.g., Archer, ServiceNow GRC, Splunk, Microsoft Defender).
- Relevant certifications preferred: CISM, CISSP, CRISC, ISO 27001 Lead Auditor, or equivalent.
Why Join Us?
- Work with a dedicated team driving cyber resilience across the organisation.
- High-visibility role influencing security posture and risk culture at the executive level.
- Career development and upskilling opportunities in a supportive environment.
- Flexible working arrangements with a hybrid or remote-friendly structure.
Job Types: Full-time, Permanent
Pay: $70,000.00 – $120,000.00 per year
Benefits:
- Work from home
Work Authorisation:
- Australia (Required)
Work Location: Hybrid remote in Sydney NSW 2000
-
Sydney, New South Wales, Australia Fujitsu Full time $120,000 - $150,000 per yearAbout the job Expression of Interest_ Governance, Risk and Compliance (GRC)We Are FujitsuWe use technology to make happier lives. We are a global leader in technology and business solutions that transform organizations and the world around us. We have a long heritage of bringing innovation and expertise, continuously working to contribute to the growth of...
-
Lead Cyber Security Consultant
2 weeks ago
Sydney, New South Wales, Australia Skylight Cyber Security Full timeAbout Skylight CyberAt Skylight Cyber, we're young, transparent, and culture-focused boutique cyber security firm specialising in providing high-end services to enterprises globally. We provide our customers with world class expertise to build and continuously evolve an effective security stack across people, process, and technology.We thrive and are...
-
Manager-Technology Risk and Cyber
2 days ago
Sydney, New South Wales, Australia KPMG Australia Full time $120,000 - $180,000 per yearJob DescriptionAbout the TeamAt KPMG Australia, our Consulting Technology Risk and Cyber team is at the forefront of enabling organisations to navigate the complex world of technology, cyber threats, and information security. We deliver impactful and innovative solutions tailored to our clients' needs, helping them identify and manage technology risks,...
-
Cyber Risk Analyst
7 days ago
Sydney, New South Wales, Australia NSW Department of Customer Service Full time $113,574 - $125,720 per yearCyber Risk Analyst, Ongoing opportunity based in Sydney plus flexible/hybrid working options availableThe Department of Customer Service is looking for a Cyber Risk Analyst to join our growing teamBenefitsFantastic ongoing clerk grade 7/8 Opportunity.Salary range: $113,574 - $125,720 plus superannuation, commensurate with experience.Genuinely flexible...
-
Cyber Risk Analyst
6 days ago
Sydney, New South Wales, Australia NSW Government Full time $113,574 - $125,720 per yearCyber Risk Analyst, Ongoing opportunity based in Sydney plus flexible/hybrid working options availableThe Department of Customer Service is looking for a Cyber Risk Analyst to join our growing teamBenefitsFantastic ongoing clerk grade 7/8 Opportunity.Salary range: $113,574 - $125,720 plus superannuation, commensurate with experience.Genuinely flexible...
-
Cyber Risk Analyst
6 days ago
Sydney, New South Wales, Australia myCareer - NSW Government Full time $113,574 - $125,720 per yearCyber Risk Analyst, Ongoing opportunity based in Sydney plus flexible/hybrid working options available The Department of Customer Service is lookingfor a Cyber Risk Analyst to join our growing teamBenefitsFantastic ongoing clerk grade 7/8 Opportunity.Salary range: $113,574 - $125,720 plus superannuation, commensurate with experience.Genuinely flexible...
-
Sydney, New South Wales, Australia Kyndryl Full time $120,000 - $180,000 per yearWho We AreAt Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.The RoleAs a ...
-
Senior Cyber Risk Analyst
2 weeks ago
Sydney, New South Wales, Australia NSW Department of Customer Service Full timeSenior Cyber Risk Analyst, Ongoing opportunities based in Sydney CBD, plus hybrid/flexible working options available. The Department of Customer Service (DCS) is looking for a Senior Cyber Risk Analyst and Insights to join our growing team BenefitsFantastic ongoing clerk grade 9/10 opportunity.Salary range: $129,464 - $142,665+ super commensurate with...
-
Senior GRC Consultant
2 weeks ago
Sydney, New South Wales, Australia e2 Cyber Full timeWe are seeking aCyber Security GRC Consultantto join a growing advisory team delivering high impact security and compliance outcomes for clients across Australia. This is aclient facing consulting rolewhere you will work directly with stakeholders across financial services, healthcare, critical infrastructure, and government sectors to strengthen cyber...
-
Cyber Security Compliance Coordinator
2 weeks ago
Sydney, New South Wales, Australia Torch Professional Services Full time $80,000 - $120,000 per yearAbout The RoleAs the Cyber Security Compliance Coordinator, you will be responsible for ensuring our client's networks, information, and digital assets remain secure and compliant with industry standards and regulations. Reporting to the Chief Digital Officer, you will collaborate with executives, elected representatives, and key stakeholders to identify...
