GRC Consultant

  • Melbourne, VIC
  • Permanent
  • Full-time
  • 1 month ago
  • IT
  • Melbourne, Australia
  • Hybrid
In this role you will:
Join Web Travel Group as a GRC Consultant and take the lead in shaping and strengthening our compliance and security frameworks. You will play a lead role in key programs such as PCI-DSS, ISO 27001, and NIST CSF. You’ll manage audits, conduct risk assessments, and support policy development, ensuring our compliance posture stays strong and future-ready.
Key Responsibilities.
  • Maintain and lead our compliance programs including PCI-DSS, ISO 27001, NIST CSF etc.
  • Manage audit programs - liaise with third-party auditors.
  • Conduct risk assessments and gap analyses to understand key threats to our organisation.
  • Select and implement an appropriate compliance tool to manage our compliance programs.
  • Facilitate third-party risk management, vendor due diligence, and contract compliance.
  • Support development of our security and compliance policies and procedures.
  • Monitor and report on key risk indicators (KRIs), compliance metrics, and audit findings.
  • Stay current on emerging regulatory trends and best practices in risk and compliance.
  • Follow up with key stakeholders on open risks and ensure appropriate mitigations are in place.
The skills we would love to see in your suitcase.
  • Bachelor's degree in a related field i.e. Commerce, IT, Information Security, Risk Management, Finance.
  • 2 years' knowledge of frameworks such as ISO 27001 / 31000, NIST CSF, PCI-DSS.
  • Strong analytical, writing, and presentation skills.
  • Ability to manage multiple projects and interact with both technical and non-technical stakeholders.
  • Professional certifications such as CISA, CRISC, ISO Lead Auditor/Implementer are preferred.
  • Consulting experience is a plus.

WebBeds