Security GRC Analyst at Whispir

Security, Melbourne, Victoria, Australia melbourne analytics
Posted 13 days ago

Whispir is growing and so is the information security team. There is a current opportunity for a junior GRC analyst to join the team and gain exposure to a global ASX listed company working across multiple regulatory jurisdictions implementing continuous cloud controls assurance processes as well as opportunities within security engineering:

Key responsibilities:

  • Maintaining information security risk and issues registers 
  • Supporting compliance and audit activities including ISO27001 certification
  • Maintaining and improving the IS Policy framework including standards, processes and procedures
  • Liaising with and presenting risks, compliance status and control effectiveness to key stakeholders across the business including senior leadership team  
  • Executing supplier security due diligence assessments
  • Participating in pre and post sales customer assurance requests
  • Develop information security reporting and dashboards 
  • Participate in Privacy Impact Assessments
  • Develop and maintain a continuous controls assurance program with a focus on cloud computing

Experience & Skills

  • 1-2 years experience in a GRC, IT audit, privacy or similar role
  • Exposure to regulatory and compliance frameworks including any of the following: ISO27001, ISO27018, Privacy legislation, PCI-DSS, APRA CPS 234  
  • Knowledge of a scripting language would be highly regarded