Hey there, Cyber GRC types. Let’s talk about cyber compliance. Not the “tick-the-box” paper pushing kind of cyber compliance, but the real-deal, mission-critical cyber compliance that ensures security is baked into everything. From risk management to assuring controls and governing processes, you’ll be shaping the ways great decisions are made in this role.
If you’re someone who loves automation and building repeatable processes, and who tackles problems like a techie, this role just might get your cogs turning.
This brand-new role will give you the opportunity to shape the cyber GRC function from the ground up. Act as the SME, avoid inherited mess, make your mark. Nice!
What’s in it for you?
- You’ll receive a base salary around the mid-$100K range (plus super), depending on your experience and expertise. We don’t have a set “X years of experience” requirement for this role, which is why there’s a degree of flexibility.
- You’ll be the go-to cyber compliance expert in a company working on some of the most bespoke, literally never-been-built-before tech out there. Your work will have significance.
- You won’t be micromanaged. If you prefer independence and ownership, you’ll love it here. If you want someone peering over your shoulder, this isn’t the role for you.
- You’ll join a mission-driven company. The work here isn’t just “interesting” – it actually matters and contributes to improving human lives.
- You’ll be part of a solid team. Subjective, we get it, but if you like a fast, agile, “get it done” environment, and are up for a game of badminton, maybe a run club, or perhaps an after-work drink with the team, you’ll thrive here.
- Although this role requires a few days in the office each week, you just might love that as it’s one of the coolest workspaces around. Half high-tech lab, half mod cons office. Practically a toy store for the right person.
What will you be doing?
There’s no such thing as a typical day, but here’s a taste of what’s in store:
- Leading cyber assurance, risk management and cyber compliance activities, companywide.
- Wearing the SME hat for validating controls within the small but mighty security team.
- Create, and implement, assurance automations.
- Manage and lead ongoing re/certification efforts.
- Maintain deep knowledge of all major frameworks – both the “usual suspects” of cyber frameworks, and some which lean more towards gov/defence.
- Flying the cyber flag across the business, ensuring cyber controls are adequately in place.
What skills do you need to bring?
You’ll need to be an Australian citizen based in Sydney. You’ll need strong tech chops, likely holding a CS/IT/Cyber degree, or equivalent experience, before stepping into the GRC realm.
Prior experience managing security compliance programs and managing projects (generally), overseeing vendor/customer compliance, and handling large-scale data, is critical to this role, so you’ll need to point to this experience throughout your career.
Are you across distinct, but connected areas of security like cloud security, framework adherence, IDAM and turning security controls into captivating visualisations? That’ll help you, for sure.
You’ll be flexing your chops in a Linux environment, so you need to be comfortable doing so, and any exposure to the GenAI piece would be advantageous for you.
The reality of this role…
This isn’t about ticking boxes – it’s about managing risks, building robust security frameworks, and protecting critical assets. If you’re ready to step up and ensure compliance is top-notch and a forward consideration, not an afterthought, this role is for you.
If any of this has piqued your interest, please consider applying. There’s much more information, especially technical, that can be shared with you on a confidential basis which may help you decide if this is the job for you.
HOW TO APPLY
Firstly, please know that any application you make is treated with absolute confidentiality. The only people who will know you’ve applied are you & me. Reach out, and let’s chat about what you want.
Click APPLY and/or contact Michael directly on mpearman@decipherbureau.com for a 100% confidential, informal conversation where your privacy will absolutely be respected.
Decipher Bureau and the clients we partner with are committed to creating a diverse environment and are proud to be equal opportunity employers. All qualified applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.