GRC Analyst

The Information Technology (IT) team plays a key role in providing business enablement throughout ResMed. We are focused on application, infrastructure, and user productivity solutions, with innovation, efficiency and security. Our goal is providing customer oriented agile delivery, effective business partnership and state-of-the-art technology solutions.

About ResMed

ResMed has pioneered some path breaking solutions to improve people’s lives and our mission is to change 250 million lives in 2025. The focus of the products and technologies is to complete the care continuum in the ‘out-of-hospital’ space, enable seamless transitions for people as they move between different care setting and empower the care givers with actionable data and insights that can transform the way care is delivered. The vision is to continuously push the boundaries of innovation, improve patient outcomes and put the patients and care givers at the center of every innovation that we pursue.

Let's talk about the Role

ResMed is seeking candidates for a Governance, Risk and Compliance (GRC) Analyst position to join our Enterprise Security GRC team.

The GRC Analyst is an integral member of the team within Enterprise Security at ResMed. Reporting to the Enterprise Security, GRC Senior Risk Manager this role will conduct Security Risk Management, Compliance and Audit activities across the business and will support team with proactive guidance, project co-ordination, risk assessment, remediation advice and tracking, and audit support to stay compliant with applicable policies, procedures, standards, guidelines and regulations. This individual will foster collaboration and trusting relationships, and will promote security education and awareness throughout the business.

Let’s talk about Responsibilities

• Compliments a high-performance team for high quality and secure IT and cloud solutions.

• Provides project co-ordination for IT Security Risk assessment, compliance, and audit activities.

• Plans, co-ordinates and facilitates internal and third-party engagements (for example ESRA, SOX ITGC, SOC1, SOC2 but not limited to).

• Assists with new GRC initiatives.

• Responsibilities include:
  (1) Conducting compliance monitoring, risk assessments, evidence collection, system access reviews.(2) Escalating and tracking remediation activities across the team and provides progress reporting.

• Able to build stable working relationships internally to exchange information.

• Receives instruction, guidance and direction from others.

Let’s talk about Qualifications and Experience

Required

• Excellent communication & interpersonal skills is a MUST

• Knowledge of information systems, information security, data privacy and regulatory compliance.

• Strong analytical, organization and time management skills.

• Demonstrates a growth mindset.

• Ability to adapt and manage assignments as they evolve and are replaced by other priorities in a dynamic fast paced environment.

• Unquestionable personal code of ethics, integrity, diversity and trust.

• Aptitude for technology and critical thinking.

Preferred

• Experience with OneTrust GRC or other Audit Control software would be advantageous.

• Experience with ISO27001 or HiTrust

• Follows standard practices and procedures and applies basic theories, concepts, principles and methodologies in analyzing situations or data.

Joining us is more than saying “yes” to making the world a healthier place. It’s discovering a career that’s challenging, supportive and inspiring. Where a culture driven by excellence helps you not only meet your goals, but also create new ones. We focus on creating a diverse and inclusive culture, encouraging individual expression in the workplace and thrive on the innovative ideas this generates. If this sounds like the workplace for you, apply now! We commit to respond to every applicant.