Governance, Risk and Compliance Analyst at Megaport

Engineering, Full-time, Brisbane brisbane engineering analytics full-time
Posted a month ago

The Role

Governance, Risk and Compliance (GRC) Analyst, serving as a member of the Information Security team, is responsible for managing information security governance for Megaport.

The GRC Analyst is part of a team of risk management professionals who will be responsible for developing, monitoring, and enforcing policies, procedures and standards within the Risk Management Framework in support of Megaport's strategic, compliance and regulatory requirements.

The primary role of the GRC Analyst is to support the Information Security Manager (ISM) in governing the Information Security Management System (ISMS), risk management processes, and providing documented assurances to stakeholders. This includes validating the appropriate implementation of controls through effective audit and testing, tracking remediation, and identifying and managing opportunities for improvement. This role requires a balance of information security and technical IT experience.

About Megaport

Megaport has transformed the way IT gets connected. We're global leaders in Network as a Service (NaaS), changing the way businesses reach the cloud. We're also a leading partner to Amazon, Microsoft, Google, IBM, Oracle, NYSE, and many other leading technology companies. Megaport is a publicly traded company on the Australian Stock Exchange with a market cap exceeding $2 Billion. We’re a lean, high-achieving team made up of over 230 members globally. While the company is headquartered in Brisbane, Australia, employees are spread out across North America, Europe, and Asia-Pacific. Staff enjoy an environment that is collaborative, supportive, and fun.
Our Team Culture
Join a team of globally-positioned industry experts that lead by example. We do not compromise our values for commercial gain; we are all custodians of our culture, and the customer is at the centre of everything we do. Our employees are motivated, adaptable, persistent, hard-working, and dynamic. Our culture permeates everything we do and this, in turn with a global vision, forms a commitment to each other, our customers, and shareholders alike.

What You’ll Be Doing

  • Develop, review, and improve the policy, procedure, and processes necessary for effective security governance.
  • Assist in planning, performing,  and tracking ISMS meetings, tasks, and risk management activities.
  • Assist with  risk assessment, evaluation, reporting, and managing remediation tasks.
  • Manage and perform scheduled or ad hoc tasks in support and maintenance of Megaport's compliance obligations and certifications.
  • Coordinate internal and external audit and testing (i.e., scoping, planning, scheduling, evaluation, report generation, and remediation tracking).
  • Develop and maintain external assurance material (i.e., statements, questionnaires, and RFP response).
  • Evaluate and review regulatory and contractual requirements.
  • What We Are Looking For

  • Minimum of 1-2 years experience in IT audit, information security, risk management, compliance or other related fields.
  • Solid understanding of security principles and core domains.
  • Knowledge common compliance standards and control frameworks (e.g., NIST, CIS), web application security frameworks (e.g., OWASP, SAFEcode).
  • Understanding of common network and web application threats, vulnerabilities, and exploits.
  • Knowledge of current risks, trends, security frameworks and regulatory obligations.
  • Ability to understand business and technical requirements, collect and summarise key points, and communicate them at an audience appropriate level to ensure constant alignment.
  • Ability to collaborate with geographically distributed teams across multiple technical functions.
  • Excellent written and verbal communication skills, with good social skills and tact in all interactions to influence clear decision-making.
  • Self-motivated with a history of successful autonomous task execution.
  • Flexibility to handle various tasks concurrently with acute attention to detail.
  • A positive attitude and sense of humour; a desire to learn quickly in a dynamic environment and grow with the team.
  • What we offer

  • Flexible working environments with the ability to do your job from anywhere
  • Birthday Leave
  • Generous study and training allowance + 5 days paid study leave
  • Creative, fun, and contemporary workspaces
  • Motivated team of industry experts and new talent
  • Celebrated success with ‘Legend’ and ‘Kudos’ Awards
  • Health and wellness program
  • Opportunities for career growth and potential for global intra-company transfers for interested candidates
  • All applications will be treated in confidence. 
    Please see Part 2 of our Privacy Policy to see what information Megaport collects from job applicants, why, and how we store and use it.  Note that you’re entitled to know what personal data of yours Megaport holds, to request updates, rectification, and in some circumstances restriction or deletion thereof if you object (you being entitled to withdraw your consent to our holding your information at any time). Please see Part 5 of our Privacy Policy for more details on this and how to contact Megaport's data protection officer if you have any further privacy-related questions.
    Candidates who meet the selection criteria will be invited to attend an interview
    Strictly no Recruitment Agencies please.