About The Role
The Information Security Governance, Risk and Compliance Specialist is responsible for assessing and documenting compliance and risk exposure related to the company's digital assets and customer data. They are also responsible for utilising their technical and information security expertise to assist in the development and implementation of an information security strategy and assurance program.
Tasks And Responsibilities
* Develop, implement, and maintain Information Security policies and procedures in accordance with ISO27001 and NIST standards.
* Assist in the maintenance and continual improvement of the Information Security Management System (ISMS), including the monitoring and reporting on the effectiveness of security controls and compliance efforts.
* Conduct vendor and solution risk assessments and gap analyses to identify areas of improvement in our security posture, including our supply chain.
* Collaborate with cross-functional teams to ensure compliance with security standards and regulatory requirements, and provide guidance on the implementation of security controls and best practices.
* Develop and deliver training programs to enhance awareness and understanding of GRC practices across the organisation.
* Assist with internal compliance and privacy audits and prepare for external audits related to ISO27001.
* Perform vulnerability analysis based on penetration test results, assist with prioritization of resolution efforts, and track the remediation of identified vulnerabilities to ensure timely and effective resolution.
* Stay up to date with the latest developments in security standards and regulatory requirements.
*SKILLS AND EXPERIENCE*
* Bachelor's degree in information security, computer science, or a related field.
* Professional certifications such as CISSP, CISM, CRISC, or ISO27001 Lead Auditor/Implementer.
* Proven experience in GRC roles with a focus on NIST or ISO27001 standards.
* Strong understanding of risk management principles and methodologies, particularly in supply chains.
* Excellent analytical, problem-solving, and communication skills.
* Ability to work independently to achieve goals.
* Detail-oriented with a commitment to maintaining high standards of quality and accuracy.
*ABOUT YOU*
* Ability to work collaboratively and influence stakeholders at all levels of the organisation
* Demonstrates flexibility and ability to work under pressure and manage competing priorities
* High integrity and strong understanding of professional ethics
* Strong organisational and prioritisation skills - meets specified deadlines and reports regularly on progress
* High level of motivation, energy and drive to achieve
* Energy, enthusiasm and a passion for people leadership, coaching and technology
* Excellent judgement, discretion and tact in dealings with people
* Communicates professionally at all levels building trust and empathy
*Who we are...*
We are a financial services company that specializes in fleet management, vehicle leasing and salary packaging, with a presence across Australia, the UK and NZ. We have a total portfolio under management of $2.5 billion and over 1100 employees.
*Some of our perks include...*
* Recharge and relax with up to 4 wellness days every year
* We offer industry-leading 20 weeks paid parental leave
* Monetary service milestone awards
* Career progression opportunities
* Education support towards learning and development, including a learning budget per year, free access to LinkedIn Learning and more
* Two paid volunteer days each year
* Health and wellbeing support including a subsidy and an Employee Assistance Program
What's next...
We'd love to hear from you if you're ready to take on your next challenge at a company that embodies diversity, work-life balance, and career development.
We are a proud equal opportunity employer. Interviews may take place prior to closure date for applications. To give yourself the best chance of selection, please do not leave your application to the application 'close' date. As a pre-requisite to employment, the successful applicant will be required to complete a pre-employment screening.
Aboriginal and Torres Strait Islander candidates are encouraged to apply.