Cyber Governance, Risk and Compliance Specialist – Brisbane, Australia
The GRC Specialist role is an exceptional opportunity for professionals passionate about information security governance, risk management, and compliance. You will play a critical role in shaping and advancing Boeing's security posture by partnering with diverse teams across IT, legal, engineering, and business units. This is a newly created position.
This position offers the chance to lead impactful initiatives such as risk assessments, compliance programs aligned with the ISM, and security control implementations, providing a broad and meaningful scope of responsibility on high-visibility programs.
Due to the international nature of the role and business as a whole, there may be the requirement to support after‐hours meetings and calls; however, flexibility is encouraged. Some domestic travel may be required.
Responsibilities
* Develop, maintain, and communicate enterprise information security policies, standards, procedures, and guidelines.
* Lead and execute risk assessments (e.g., asset, vendor, application) and coordinate remediation tracking and reporting.
* Maintain the compliance program for applicable regulations and frameworks.
* Manage internal and external audits and assessments, including preparation of evidence, remediation plans, and auditor engagement.
* Operate or oversee third‐party risk management: vendor due diligence, contract security clauses, and ongoing monitoring.
* Coordinate security control implementation and validation across IAM, encryption, logging, patching, network segmentation, and endpoint protections.
* Develop metrics and reporting for leadership and the board: risk heat maps, compliance status, control effectiveness, and security incident trends.
* Drive security awareness and training programs for employees and contractors.
* Support incident response and root‐cause analysis with a focus on lessons learned and control improvements.
* Advise product and engineering teams on secure design, privacy‐by‐design, and compliance requirements for new features and integrations.
Basic Qualifications (Required)
* 3+ years' experience in information security governance, risk management, or compliance, with demonstrable experience mapping to ISM or similar national‐level security guidance.
* Familiarity with secure configuration baselines, vulnerability management, identity and access controls, and cryptography best practices.
* Strong written and verbal communication skills; able to produce policies, control mappings, and concise executive reporting.
* Remediate critical and high‐risk ISM findings.
* An understanding of security monitoring, incident response, and threat intelligence processes.
* Familiarity with security technologies and tools such as SIEM, IDS/IPS, and endpoint protection systems.
* Experience with incident handling and response methodologies, including evidence collection and analysis.
* Knowledge of security frameworks and standards such as Australian Government ISM, NIST, ISO 27001, or CIS Controls.
* Strong analytical and problem‐solving skills.
* Excellent communication and collaboration skills to work effectively with cross‐functional teams.
* An NV1 clearance with the ability and willingness to obtain an NV2.
Preferred Qualifications (Desired)
* Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
Benefits
* Cutting edge projects
* Flexible working options
* Competitive remuneration and incentive plan available
* Discounts for health insurance, travel and accommodation
* Salary packaging options
* Health and wellbeing benefits
Equal Opportunity Employer
We are an equal opportunity employer. We do not accept unlawful discrimination in our recruitment or employment practices on any grounds, including but not limited to race, color, ethnicity, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military and veteran status, or other characteristics covered by applicable law. Applicants are encouraged to share any accommodations required during the recruitment process.
Security Clearance
Applicants must be Australian Citizens to meet defence security requirements with the ability to obtain Australia Negative Vetting Level 1 clearance.
Export Control
This is not an Export Control position.
Relocation
Relocation assistance is not a negotiable benefit for this position.
Visa Sponsorship
Employer will not sponsor applicants for employment visa status.