GRC Analyst (Security Compliance & Risk)
STACK Infrastructure · South Yarra, Victoria, AU
Job description
Summary: The GRC Analyst (Security Compliance & Risk) plays a crucial role in ensuring that our organisation adheres to security compliance standards and effectively manages risks within the building and construction industry. Based in South Yarra, Victoria, this permanent full-time position is essential for safeguarding our operations and maintaining our reputation in the market. The successful candidate will collaborate with various teams to implement and monitor compliance frameworks, ensuring that we meet both regulatory and internal standards.

Key Responsibilities:
- Maintain and operate ISO 27001 ISMS and SOC 2 Type II compliance programs
- Support DISP compliance and ongoing obligations
- Collect, review, and manage audit evidence across controls
- Prepare for and coordinate internal and external audits
- Track and remediate audit findings and control gaps
- Maintain documentation across personnel, physical, and information security domains
- Assist with DISP reporting and audit activities
- Maintain and update security policies, standards, and procedures
- Ensure controls are implemented and operating effectively
- Work with teams across engineering, IT, and operations to e...