Senior Governance, Risk and Compliance Advisor at Datacom safeguarding digital assets across Australia and New Zealand. Designing, implementing, and assessing compliance frameworks in cybersecurity.
Responsibilities
Develop and implement security frameworks: Identify, develop, and implement security processes, standards, and policies that align with Datacom’s Information Security Plan and strategic objectives.
Collaborate across business units: Work closely with internal teams to ensure the consistent application of security controls that meet Datacom and business requirements.
Regulatory and framework compliance: Ensure adherence to both the Australian Government Information Security Manual (ISM) and Protective Security Policy Framework (PSPF), as well as the New Zealand Information Security Manual (NZISM) and Protective Security Requirements (PSR), across Datacom’s internal and client environments.
Continuous improvement and assurance: Lead ongoing auditing, monitoring, and enhancement of security controls, including the development and maintenance of Threat and Risk Assessments (TRA), System Security Plans (SSP), and Security Risk Management Plans (SRMP).
ISO 27001 and ISMS maturity: Apply your deep knowledge of the ISO/IEC 27000 series to support the design, implementation, and continual improvement of our Information Security Management System (ISMS).
Essential 8 compliance: Lead and maintain organisational compliance with the Australian Cyber Security Centre (ACSC) Essential 8 maturity model, ensuring effective implementation, measurement, and uplift of mitigation strategies across Datacom’s environments.
SOC 2 Type 2 compliance: Oversee and coordinate activities to maintain SOC 2 Type 2 certification, including evidence collection, control testing, audit readiness, and continuous improvement of internal security and privacy controls.
GRC tooling and automation: Leverage and optimise GRC tooling, preferably Vanta, to automate evidence collection, track control performance, and manage risk and compliance workflows efficiently.
Security awareness and enablement: Provide guidance, education, and training to improve understanding of security policies, processes, and technologies across teams, fostering a strong culture of compliance and accountability.
Requirements
Extensive experience in information security, audit, assurance, governance, risk or compliance and a sound understanding of information security principles, policies and standards
Previous experience with stakeholder engagement with a strategic and strategy focus
Experience with and good understanding of IRAP
The GRC Advisor must have a detailed knowledge of agency-specific and Australian Government protective security policy, principles, and minimum standards, and be provided with the opportunity to maintain this knowledge
Understanding of contract deliverables and obligations
Some technical knowledge to make informed decisions about business risks from vulnerabilities
Ideally, you will be industry certified and may even hold a CISSP, CISM, MS or equivalent certifications.
Experience in developing and administering an information security program (desirable).
Payments RCA Professional at U.S. Bank focused on operational loss reporting and risk management compliance. Collaborating across teams to ensure timely and accurate reporting and process improvement.
Compliance Representative managing risk and compliance under U.S. Bank's financial services. Involves collaboration across various teams and addressing policy violations and customer complaints.
Corporate Compliance Analyst supporting the development of a global compliance program at Vantage Data Centers. Engaging in risk assessments, training, and compliance monitoring to drive process improvements.
Senior Executive/Executive in charge of compensation and compliance at Orfium, ensuring legal adherence and proper employee relations while managing benefits and compensation strategies.
Compliance Reporting Assistant supporting compliance activities and gaining hands-on experience in a dynamic international environment. Assist in preparing reports and dashboards while collaborating with various stakeholders.
Environmental Compliance Specialist managing compliance with environmental laws for natural gas projects in multi-state areas. Supervising consultants, preparing compliance reports, and conducting audits.
Compliance Analyst ensuring adherence to Federal Energy Regulatory Commission and ERCOT standards. Collaborating with various teams to manage compliance documentation and processes.
Manage compliance testing for Manulife within the Canada Segment team. Analyze key business controls and recommend improvements for compliance in financial institutions.
Senior Gas Pipeline Compliance Analyst maintaining safe, reliable natural gas operations at Enbridge. Analyzing regulations and partnering with teams for federal and state compliance.
Regulatory Analyst managing compliance obligations associated with regulatory requirements at Tallgrass, an energy infrastructure company. Involved in preparation, analysis, and administration in relevant areas.