Cyber Security Risk and Compliance Specialist at THE ICONIC

Security, Sydney
Posted 29 days ago

Cyber Security Risk and Compliance Specialist

At THE ICONIC, innovation drives us; we believe that innovation should not be sitting in a siloed team but rather be part of everyone and everything we do & deliver. Every person in tech has a voice and we find that our best work is achieved through collaboration (usually over a coffee in front of a whiteboard). 

We have over 100 people in tech. This means that our skills and experience are diverse, allowing for greater collaboration and constant learning. All of our teams are cross-functional, mission-driven and able to iterate from inception to production (DevOps mentality) without being blocked or having to ask permission from other teams. We love to move fast and validate learning using data (lucky for us our Data Science & Analytics team is also world-class!)

We look for people who can solve problems at scale. Our systems handle a massive amount of traffic, and with more than 5 million customers visiting each month, protecting our customers is our number one priority.

As part of THE ICONIC’s growing Security team, you will be responsible for helping continuously improve the overall security landscape for THE ICONIC. You will be responsible for performing testing and ensuring compliance with local and global security standards. You will work closely with our stakeholders to enhance all aspects of THE ICONIC’s cybersecurity practices as they work to implement the changes you recommend.

What’s involved…

You will be working in an agile environment on enterprise-level, high-quality software to support THE ICONIC as a leader in the online retail space allowing you to constantly adapt technology to maintain a safe and secure environment for our customers, employees and business.

About you…

We are looking for the below skills and experience:

  • +2 years experience with compliance testing against ISO27001 or NIST 800-53
  • +2 years experience in IT Audit, operations, or risk consulting
  • +1 year experience in risk-based visibility and reporting
  • +1 year experience in audit and reporting tooling for risk reporting and remediation

Experience with the following is a plus:

  • ISACA CISA, ISO 27001 Lead Auditor certification
  • Knowledge of, or experience working with, at least one cloud platform including AWS, Azure, or GCP technologies/environments. 
  • Experience working with Information Security, GRC, ERM, Technology, Business, and Legal/Privacy functions
  • Strong verbal and written communication skills, including the ability to provide technical thought leadership on security risk calls with other technology teams, and the ability to translate complex technical concepts into plain English for consumption by non-technical audiences.
  • Familiarity with agile and lean software development

Life at THE ICONIC...

Our culture of learning is an environment that supports and encourages the collective discovery, sharing and application of knowledge. This helps us to continually improve, achieve goals and attain new possibilities every day. From our ways of working and collaboration to our growth mindset and sustainable approach, we each add unique value and have an incredible amount of fun doing it! To read more about our purpose, mission and principles, please visit our Careers page:

Additional Information: 

We are committed to providing reasonable arrangements to all individuals participating in our application and interview process, and while performing job functions. If you require any accommodations or adjustments prior to the submission of your application or throughout your interview process, please contact our Talent Acquisition team directly: [email protected]