GRC Specialist

4 weeks ago

New South Wales, Austria, Tecala Group, Full time
Security (Information & Communication Technology), Full time

Tecala is an award-winning national ICT managed services provider. We work hard to help our customers transform their businesses through the innovative use of technology and need more great people to join our vibrant and growing team.
We pride ourselves on our reputation for quality and consistently delivering the right solution for our customers. You have the opportunity to become part of a supportive team, working together to provide solutions that make a difference to our broad customer base. If you are passionate about technology and motivated by assisting customers in improving their ICT operations, you will thrive with us.
ABOUT THE ROLE:
Reporting to the Cyber Security Manager, the primary function of this role is to manage and maintain compliance certifications (ISO27001, DISP, PCI-DSS) for both Tecala and our customers. The role also ensures alignment with key standards and frameworks through proactive technical guidance, robust risk management, comprehensive framework alignment, internal audits, and overseeing external audits.
The successful candidate will be responsible for:
- Implementing and maintaining compliance controls and certifications, including ISO27001, DISP, and PCI-DSS, for Tecala and its customers.
- Providing technical guidance for compliance controls, collaborating with departments to align with standards, and recommending enhanced security tools and processes.
- Identifying, assessing, and mitigating information security risks while developing and implementing risk management strategies.
- Assisting customers with compliance queries and adherence to applicable standards.
- Ensuring alignment with frameworks such as Essential 8 and CIS.
- Developing and delivering compliance training programs while promoting a culture of compliance and continuous improvement.
- Managing internal and external audits and generating compliance reports for senior management and customers.

WHAT WE'RE LOOKING FOR:
The ideal candidate possesses the following qualifications and attributes:
- Certifications: CISA, CISSP, ISO27001 Lead Implementer/Auditor (desirable/but not required).
- Proven experience in a GRC role with a focus on technical compliance, and maintenance of both controls and certifications.
- In-depth understanding of ISO27001, DISP, CPS234, Essential 8, NIST, SOC2, and CIS frameworks.
- Extensive experience with risk management and audit processes.
- Demonstrable experience in leading organizational change management in support of GRC.
- Strong technical capability in leading compliance controls implementation.
- Excellent analytical and problem-solving abilities.
- Strong communication and interpersonal skills.
- Ability to work independently and collaboratively; experience working within an MSP, ISP, or NOC/SOC-oriented organization is highly regarded.

WHAT WE CAN OFFER YOU:
As part of our team, you'll be able to learn and grow in a supportive environment. We were certified as a Great Place to Work for 2023 and 2024 and ranked in the top 20 of Australia's Best Workplaces in Technology 2024.
We have listed some of those benefits below for you:
- Access to ongoing Learning & Development opportunities including self-paced learning through our learning management system.
- Access to Career Pathways so you can continue to build a career in the business.
- Reward & Recognition Program where you can also thank and reward your teammates.
- Employee discounts – Access discounted rates and offers from a variety of providers, including health insurance and IT Hardware.
- Employee Assistance Program (EAP).

Note: As an essential part of our hiring process, you will be required to undertake a National Criminal History Check.
HOW TO APPLY:
If you're excited about the opportunity to make a difference in our business, meet the musts and tick some maybes, then apply now.
Be sure to include a cover letter and CV to support your application.
No agencies please – we've got this one covered.
We foster an inclusive and diverse work environment where our people can be themselves. Every idea and perspective is valued so that our services reflect the companies we support. We welcome diversity in all its forms, and we welcome applications from suitably qualified candidates across the range of underrepresented communities.
Your application will include the following questions:
- Which of the following cybersecurity certifications have you completed?
- Which of the following statements best describes your right to work in Australia?
- Do you have a current Police Check (National Police Certificate) for employment?
- How many years' experience do you have as a Governance Risk and Compliance Specialist?
- Have you completed a Certified Information Systems Security Professional (CISSP) certification?
- Do you hold Australian Security Clearance?
- What's your expected annual base salary?
- How much notice are you required to give your current employer?