Cyber Security GRC Analyst

ReadyTech Group

Location:
Australia, Melbourne

Contract Type:
Not provided

Salary:

Not provided

Job Description:

Making a meaningful difference with mission-critical software that empowers communities to thrive. ReadyTech is more than just a one-trick pony playing in one market with one product, or one customer. We re-imagine, design, develop and deliver technology to solve our customers’ diverse problems – supporting multiple businesses across a variety of markets to be ready for anything. We’re an ASX-listed company which means we are stable, have a strong track record of sustainable growth and have a significant number of long-term customers. So, what does this mean for you? It means we can offer you an experience that will push you to be your best, provide career-building challenges, and that will offer you numerous growth opportunities that can’t be found in any other company. It’s an inclusive environment where there is no place for politics, where we get our heads together to solve the problems that really matter to our customers, and where we always stay focused on our north star – the communities we serve, and society at large.

Job Responsibility:

  • Lead the implementation and continuous improvement of ReadyTech’s cyber security GRC framework aligned with IRAP, SOC 2, and ISO 27001 standards
  • Coordinate and manage external audits and assessments, ensuring audit readiness, evidence collection, and timely remediation of findings
  • Maintain and oversee the cyber risk register, including risk identification, analysis, treatment, and ongoing monitoring
  • Develop, update, and maintain information security policies, procedures, standards, and guidelines that reflect compliance requirements under IRAP, ISM, SOC 2, and related frameworks
  • Report and communicate cyber performance, compliance status, and risk indicators to executive and governance forums
  • Support the integration of compliance controls into IT and cloud environments to ensure secure-by-design operations
  • Promote a strong security and compliance culture through collaboration, education, and awareness initiatives across the business
  • Develop, maintain, and align ReadyTech’s information security policies and control library with ISM, IRAP, SOC 2, ISO 27001, and NIST frameworks
  • Map control requirements across frameworks to reduce duplication and simplify compliance activities
  • Ensure all policies and standards are reviewed, approved, and communicated to relevant stakeholders
  • Manage the cyber risk management process, including assessment, documentation, and reporting of risks
  • Lead compliance activities to maintain certification and attestation under IRAP and SOC 2
  • Support the creation and maintenance of System Security Plans (SSP), Security Plans and Risk Registers, and Plans of Action and Milestones (POA&M) for IRAP
  • Manage vendor and third-party risk assessment programs to ensure compliance with regulatory and contractual obligations
  • Coordinate and facilitate IRAP, ISO assessments and SOC 2 audits, including evidence collection, gap analysis, remediation tracking, and reporting
  • Maintain detailed audit logs and assurance documentation to support external review and internal reporting
  • Conduct internal control testing and assurance reviews to assess compliance effectiveness and identify improvement opportunities
  • Champion a strong security and compliance culture across ReadyTech
  • Deliver targeted training and communication to increase awareness of regulatory and framework requirements
  • Support teams in embedding compliance controls within business processes, development pipelines, and infrastructure management

Requirements:

  • Must be an Australian Citizen or Permanent Resident
  • Strong analytical, communication, and presentation skills
  • Ability to translate technical risks and controls into business-relevant language
  • Exceptional organizational and time management skills with a focus on meeting compliance deadlines
  • Demonstrated initiative, accountability, and stakeholder management across technical and non-technical teams
  • Deep understanding of security and risk frameworks, including IRAP, ASD ISM, PSPF, SOC 2 Trust Services Criteria, ISO 27001/27002, NIST CSF, and ITIL
  • Familiarity with GRC tools and platforms
  • Understanding of cloud and SaaS architectures, especially within Microsoft Azure environments
  • Awareness of relevant data privacy and protection regulations
  • Minimum 4+ years in information security, with 2+ years in a GRC, compliance, or audit coordination role
  • Demonstrated experience coordinating external audits or assessments (IRAP, SOC 2, ISO 27001, or FedRAMP)
  • Proven experience in managing audit evidence, remediation, and control effectiveness testing
  • Background in systems administration or cloud infrastructure preferred
  • Experience developing and maintaining documentation such as SSPs, POA&Ms, and audit reports

What we offer:

  • A day off for your birthday
  • Additional 4 days of leave each year
  • ReadyTecher Awards each quarter with the chance to win flights and accommodation to Hamilton Island
  • Hybrid work, with in-house baristas in Australia via the Ready Beans team
  • Access to Sonder - a technology-driven platform supported by safety, medical and mental health experts - available 24/7
  • Paid parental leave
  • Additional paid leave for miscarriage, endometriosis and menopause
  • Volunteer leave
  • Flu vaccinations
  • ReadyTech merch drops

Additional Information:

Job Posted:
January 29, 2026

Expiration:
February 26, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work

Similar Jobs for Cyber Security GRC Analyst

Security GRC Analyst

Juni is seeking a Security GRC (Governance, Risk, and Compliance) Analyst to pla...
Location:
Sweden, Stockholm; Gothenburg
Salary:
Not provided
Juni
Expiration Date:
Until further notice
Requirements:
  • 2 to 4 years of experience in information security governance, risk, or compliance roles
  • Demonstrated experience with compliance frameworks and regulations (e.g., PCI DSS, ISO 27001, GDPR, PSD2, EBA outsourcing and DORA)
  • Degree in Cybersecurity or Information Systems or similar
  • Knowledge of security frameworks (e.g., CIS Controls, NIST CSF)
  • Solid understanding of risk assessment methodologies and hands-on experience with risk registers and third-party risk management
  • Experience in coordinating activities for security certifications and audits
  • Ability to develop and track security metrics (KPIs)
  • Strong analytical, problem-solving, and organisational skills
  • Excellent communication skills, comfortable presenting to various stakeholders
  • A proactive and independent worker who is also a strong team player
Job Responsibility:
  • Maintain and update core security documentation, including policies, procedures, and instructions, ensuring they remain current and relevant
  • Identify, collect, and analyse data to track key security performance indicators (KPIs) and metrics, generating reports and dashboards to communicate security performance to stakeholders
  • Maintain the risk register and support daily risk management activities with growing independence
  • Follow up on the remediation of risks identified in new projects, third-party engagements, and other business initiatives
  • Conduct thorough security posture assessments of new vendors and perform periodic reviews of existing ones
  • Support our 3rd party procurement process
  • Monitor the implementation and effectiveness of security controls across the organisation
  • Coordinate and support activities to maintain key security certifications, including PCI-DSS and ISO 27001
  • Coordinate and support the implementation of remediation plans to address identified compliance gaps
  • Provide support in responding to security-related questions during partner due diligence and assist in providing necessary information for cyber insurance renewals
What we offer:
  • Work hybrid
  • Meet all Junis IRL at the company onsite each year
  • Diversity is at our core
  • Progress your career whether you choose to manage people or not
  • Stock options
  • Vacation 30 days
  • Private Health insurance
  • Beautiful offices in central Gothenburg and Stockholm, front row sea view
  • Fulltime

Security Analyst

As a Security Analyst, you will be a key player in our IT security team, focusin...
Location:
United States, Tallahassee
Salary:
Not provided
Robert Half
Expiration Date:
Until further notice
Requirements:
  • Lead the technical execution of security-related projects, focusing on system hardening and network security
  • Engage in effective communication and collaboration with various teams to meet specific security standards
  • Utilize your expertise in firewalls, Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS), and encryption to ensure secure configurations
  • Conduct comprehensive vulnerability assessments and devise relevant remediation strategies
  • Manage security tools and provide support for incident response, ensuring the seamless integration of security platforms
  • Ensure strict adherence to Criminal Justice Information Services (CJIS) and State of Florida regulations
  • Work closely with Governance, Risk, and Compliance (GRC) teams to address audit gaps
  • Document and provide training on cybersecurity solutions and processes with a focus on CJIS and State regulations
  • Reengineer security processes for improved efficiency and compliance
  • Stay informed about emerging threats and technologies, providing support for cybersecurity issues
Job Responsibility:
  • Lead the technical execution of security-related projects, focusing on system hardening and network security
  • Engage in effective communication and collaboration with various teams to meet specific security standards
  • Utilize your expertise in firewalls, Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS), and encryption to ensure secure configurations
  • Conduct comprehensive vulnerability assessments and devise relevant remediation strategies
  • Manage security tools and provide support for incident response, ensuring the seamless integration of security platforms
  • Ensure strict adherence to Criminal Justice Information Services (CJIS) and State of Florida regulations
  • Work closely with Governance, Risk, and Compliance (GRC) teams to address audit gaps
  • Document and provide training on cybersecurity solutions and processes with a focus on CJIS and State regulations
  • Reengineer security processes for improved efficiency and compliance
  • Stay informed about emerging threats and technologies, providing support for cybersecurity issues
What we offer:
  • medical, vision, dental, and life and disability insurance
  • eligible to enroll in our company 401(k) plan
  • Fulltime

GRC Analyst

We are seeking a GRC (Governance, Risk, and Compliance) Analyst to play a key ro...
Location:
United States, Minneapolis
Salary:
Not provided
Robert Half
Expiration Date:
Until further notice
Requirements:
  • 3+ years of experience in Governance, Risk, and Compliance (GRC)
  • Strong understanding of risk management frameworks, including NIST or COSO
  • Knowledge of compliance standards and applicable laws
  • Familiarity with GRC tools and software, such as RSA Archer, MetricStream, or similar platforms
  • Ability to assess complex risk scenarios, identify patterns or trends, and provide actionable insights to support decision-making
  • Ability to identify discrepancies, non-compliance issues, or emerging risks impacting the organization
  • Excellent verbal and written communication skills to prepare detailed reports and interact effectively with stakeholders at various levels
  • Bachelor's degree in a related field is preferred
Job Responsibility:
  • Conduct risk assessments to identify, monitor, and mitigate potential vulnerabilities
  • Develop and implement risk mitigation strategies and provide actionable recommendations to stakeholders
  • Ensure compliance with relevant laws, regulations, and standards (e.g., GDPR, PCI, ISO 27001)
  • Support the development and execution of cyber compliance programs, including evidence tracking, continuous monitoring, and audit preparation
  • Monitor and maintain internal compliance programs, track exceptions, and manage Plan of Action and Milestones (POA&M)
  • Design, review, and update governance frameworks, policies, and procedures to improve operational efficiency and address regulatory needs
  • Oversee cyber reputation management by tracking scores and making actionable recommendations for improvement
  • Respond to third-party security questionnaires and perform risk assessments for software and enterprise risk management
  • Assist with IT disaster recovery planning through documentation, tracking, and ad hoc updates
  • Facilitate ISO certification processes, including evidence collection and compliance tasks
What we offer:
  • medical benefits
  • vision insurance
  • dental insurance
  • life and disability insurance
  • 401(k) plan
  • Fulltime

Cyber Manager's Control Assessment (MCA) Lead Analyst

This role will report to the Cybersecurity MCA Group Manager, responsible for pr...
Location:
Hungary, Budapest
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • Have at least 8+ years of relevant experience
  • Experience in Manager’s Control Assessment (MCA), Operational Risk, Information Security, Cybersecurity, Risk Management, and/or Governance, Risk and Control (GRC)
  • Risk Management, Cybersecurity, and/or Project Management certifications are a plus (e.g. CRISC, CISA, CISM, CISSP, PMP)
  • Proven experience in implementing sustainable solutions and improving processes
  • Bring creative approaches to help us drive value for clients
  • Ability to influence decisions with senior leadership and business partners when confronted with differing opinions on information security risks
  • Proficiency with Microsoft Office, advanced Excel skills (e.g. macros, pivots, complex formulas)
  • Knowledge of data visualization/analytics business applications such as Tableau, QlikView, and Microsoft Power BI
  • Familiarity with Machine Learning and Artificial Intelligence (AI) is a plus
  • Fluent in English (ability to read, write, and speak)
Job Responsibility:
  • Manage the planning, coordination, and execution of MCA Transformation program for CISO
  • Drive MCA best practices, transformation, and execution consistency across business/functions
  • Lead efforts in Global Process MCA Profiles (GPMPs) and Continuous Risk Management (CRM) for CISO
  • Gain expert-level knowledge of MCA Standard, Procedure, and tools to support future-state MCA
  • Support CISO Business Processes, Control Owners, and Global Assessment Unit (GAU) Owners in their responsibilities related to MCA execution
  • Identify and document key controls necessary for mitigation of cybersecurity risk
  • Be a hands-on Subject Matter Expert (SME) with the ability to drive problem solving and root cause analyses, simplify complex messages and summarize key points
  • Partner with CISO’s Enterprise Architecture Methodology (EAM) Lead team by which taxonomies and processes interlink with each other, establishing a multifaceted matrix to inform decision-making and simplification
  • Foster constructive dialogue and facilitate open discussion, sharing of knowledge and experience with customers and stakeholders
  • Actively manage relationships with CISO business partners and risk management teams to achieve sustained success
What we offer:
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work-life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime

Risk Analyst

The Risk Analyst role at NTT DATA involves assessing and managing risks to ensur...
Location:
India, Hyderabad
Salary:
Not provided
NTT DATA
Expiration Date:
Until further notice
Requirements:
  • 3 - 6 years of experience
  • Experience in Cyber Governance, Risk & Compliance (GRC) and Security Operations (SecOps) Management
  • Deep understanding of GRC frameworks and SecOps activities
  • Exposure to working in a Managed Services environment
  • Solid understanding and experience of Cyber Security controls in terms of people, process and technology
  • Proven experience with Cyber control metrics management
  • Exceptional communication and written skills
  • Technical and non-technical stakeholder engagement
  • Understanding of Cyber governance, Risk management, compliance frameworks such as NIST, ISO 27001, ISO 27035, SOC2
  • Strong and demonstrated experience in Information Security, with a focus on Cyber GRC and SecOps
Job Responsibility:
  • Assessing and managing risks to ensure the security, integrity, and resilience of the organization's operations and services
  • Identifying potential threats, analyzing vulnerabilities, and providing recommendations to mitigate risks
  • Proactive risk assessment and collaboration with cross-functional teams
  • Audit Management: Against security standards such as ISO 27001, SOC2 Type II and Client contract obligations
  • BCP/DR testing
  • Client Cyber Risk management
  • Contribution to Cyber security awareness training
  • Metrics Management: Assist stakeholders with security metrics reporting
  • Security Incident Response
  • Supply Chain Risk and Audit management
  • Fulltime

Manager, 1st Line Controls Testing, Certification and Assurance

The newly established 1st Line Control Office function within Vocalink Limited (...
Location:
United Kingdom, London
Salary:
Not provided
Mastercard
Expiration Date:
February 02, 2026
Requirements:
  • Experience of working with security related control frameworks and standards (e.g. ISO27001, NIST, CRI, or PCI-DSS)
  • Experience of conducting security related audits/reviews and managing/coordinating external audits including certification audits
  • Ability to assess control design and operating effectiveness in complex environments and to identify control gaps and improvement opportunities
  • Experience of resolving certification and assurance issues
  • Knowledge and experience of all areas of security
  • Strong investigative and analytical experience (e.g. enquiry, scanning, analysis, interviewing, testing), problem-solving, and decision-making skills
  • Experience collaborating cross-functionally to identify and implement good practice security audit management and assurance processes
  • Excellent communication and stakeholder engagement skills
  • Certifications such as ISO27001 Lead Auditor, CISA, CISM, CISSP, PCI SSC ISA, CRISC, or equivalent are desirable
  • Bachelor’s degree in Computer Science, Cyber Security, Information Technology, or a related field
Job Responsibility:
  • Maintain certification and assurance related documentation
  • Prepare the organisation for annual certification audits
  • Support the assessment and validation of controls and processes against a variety of security standards and obligations
  • Support the team in the management of VLL certifications, e.g. ISO27001 and PCI DSS
  • Support the team in the management of other assurance activities, e.g. ISAE3000
  • Conduct periodic testing of key and non-key controls in line with the Control Testing Methodology
  • Evaluate compliance with internal policies, standards, regulatory requirements, and customer obligations
  • Prepare and review control testing documentation, including test procedures, results, and identified gaps
  • Ensure timely escalation of control deficiencies and support remediation tracking
  • Create and quality assure reports and team outputs
  • Fulltime

Cyber Security Risk & Compliance Analyst

The Cyber Security Risk & Compliance Analyst is responsible for assessing and ma...
Location:
United States, Manhattan
Salary:
61591.00 - 70000.00 USD / Year
Kansas State University
Expiration Date:
January 31, 2026
Requirements:
  • Requires a high school diploma (or equivalent) and six years of relevant experience
  • Requirements may be met through a combination of work experience and education
  • Bachelor's degree
  • 3-5 years of experience in compliance, audit, or risk management
  • Strong knowledge of regulatory frameworks and standards
  • Experience with GRC platforms
  • Understanding of risk assessment methodologies
  • Excellent written and verbal communication skills
  • Experience with audit processes and evidence collection
  • Knowledge of cybersecurity frameworks (NIST, ISO 27001)
Job Responsibility:
  • Assessing and managing cybersecurity risks across the university's IT environment
  • Ensuring adherence to regulatory requirements, industry standards, and institutional security policies
  • Identifying vulnerabilities
  • Conducting risk assessments
  • Monitoring compliance controls
  • Providing actionable recommendations to strengthen the university's overall security and compliance posture
  • Optimizing detection capabilities
  • Improving response
  • Maintaining proactive threat response protocols
  • Ensuring the university's IT assets remain resilient against evolving security threats
What we offer:
  • Health and life insurance
  • Retirement plans
  • Generous paid time off
  • Fulltime

Senior Risk Analyst

Join us as a Senior Risk Analyst and play a pivotal role in shaping the future o...
Location:
Australia, Sydney
Salary:
Not provided
TMGM
Expiration Date:
Until further notice
Requirements:
  • 5+ years' experience across enterprise risk, operational risk, cyber security risk or internal audit, preferably within financial services
  • Demonstrated exposure to the design and implementation of effective risk management frameworks, and a sound working knowledge of ASIC requirements
  • Tertiary qualification in a related discipline (e.g., Finance, Business, Commerce, Risk, IT, Audit, or a related discipline)
  • Professional certifications such as FRM, CISA, CA, CPA, CIA, or equivalent are desirable
  • Prior exposure to Forex and CFD trading (or financial services) risk environment is preferred
  • Prior exposure to ICT, cybersecurity or IT Audit will be a plus
  • Excellent interpersonal and stakeholder engagement skills
  • Structured thinker with strong written and verbal communication skills
  • High attention to detail with strong analytical and reporting capabilities
  • Highly adaptable and able to manage multiple priorities in a demanding environment
Job Responsibility:
  • Contribute to distinct types of risk identification, assessments, mitigation strategies, reporting, and monitoring across our businesses in alignment with our Enterprise Risk Management Framework
  • Proactively monitor emerging risks, trends, and systemic issues, escalating risks through appropriate channels, and supporting resolution as required
  • Manage Incidents and Breaches via Jira, including registering incidents in incident register and risk register, updating incident status, replying to customers, and notifying assessments and evaluations results to customers
  • Participate in cross-functional incident reviews, including CEO risk meetings, supporting timely resolution and comprehensive post-incident risk reporting
  • Support both short- and long-term initiatives stemming from incidents, helping embed risk management practices into core business operations
  • Help to drive improvements in risk reporting, analytics, and visualization to support decision-making
  • Promote a culture of continuous improvement by driving lessons-learned reviews and supporting the implementation of preventative measures
  • Assist in the delivery of assurance activities including RCSA, walkthroughs and control testing
  • Leverage data insights to identify control weaknesses and improvement opportunities, collaborating with control owners to implement effective enhancements
  • Help to prepare and update Business Continuity Plan (BCP) and the implementation of business continuity testing
What we offer:
  • Competitive salary and performance-based bonuses
  • Opportunities for career growth and development within a global company
  • Collaborative and inclusive work environment with exposure to cross-region operations
  • Health and wellness benefits
  • Flexible working arrangements
  • Fulltime