Cyber Governance, Risk And Compliance Lead

**Cyber Governance, Risk and Compliance Lead - Sydney Office - Permanent Full Time**

A great opportunity for a **Cyber Security Governance, Risk and Compliance**

**(GRC) Lead**, in partnership with the Cyber Security GRC Manager, the Lead will be responsible for the delivery of the Cyber Security Governance, Risk and Compliance initiatives.

You will work collaboratively with various internal teams and stakeholders to design, implement,and monitor cyber security policies, procedures, and controls to strengthen our cyber posture and align our practices with industry standards and regulatory requirements.

**Who are you?**
- Provide expert guidance and counsel on all cyber security GRC matters as needed
- Provide expert guidance to and support of the security strategy and roadmap, including the implementation of new cyber security technologies and services.
- Provide expert guidance to and support for the ongoing maintenance of the Information Security Management System (ISMS) to ensure compliance and certification against the ISO 27001 standard.
- Provide expert guidance to and support of the PCI DSS program to ensure alignment and Compliance with the standard.
- Regularly review and update cyber security policies, standards, and guidelines to address emerging threats and changes in the regulatory landscape.
- Coordinate risk mitigation activities by working closely with technology, product, engineering,and business teams to prioritise and implement appropriate security controls.
- Monitor and report on cyber security risks to senior management and propose mitigation strategies and recommendations.
- Provide expert guidance to and support for compliance activities with relevant cyber security regulations and industry standards (e.g., Privacy Act, GDPR, ISO 27001, PCI DSS, NIST CSF,etc.).
- Provide expert guidance to and support for cyber security awareness programs to educate employees and uplift cyber security culture.
- Assist with the preparation and coordination of external audits, assessments, and certifications.

**Attributes**
- Proven experience of supporting, implementing and managing a cyber security governance, risk, and compliance program.
- In-depth knowledge of cyber security frameworks, standards, laws and regulations.
- Good understanding of Cyber Security principles, practices and technologies.
- Good understanding of cyber risk management, including tooling, reporting

and treatment.
- Good communication skills, both written and verbal.

**Education**
- Tertiary qualifications in Computer Science, Software Engineering, cyber security or a related field.
- Relevant certifications (e.g., CISSP, CISM, CISA, CRISC, ISO/IEC 27001 Lead Auditor) are highly desirable

**Why join us?**

We're the right size business for you to make a real impact, with a workplace culture where you can be you. Perks of the role include:

- Discover your ideal work-life balance with our approach to flexibility - whether it's adjusted hours or making the most of working remotely and from our offices, let's chat about what works best for you;
- First-rate parental leave and wellbeing policies;
- Access to _Perkbox_, giving you discounts across healthcare, entertainment, food, utilities and more
- Continuous opportunities to leap, learn and grow.

We don't just talk, we do. Every day we solve property problems for Australians and beyond. We encourage our people to see the possibilities, and turn them into realities. That's why we want you.

**Who are we?**

We shine a light on all things property. Our business aims to simplify the property journey for all involved; motivated by expertise and our exclusive data.

Changing the way people engage with property requires a team of diverse thinkers.

**What's next?