Governance, Risk and Compliance Analyst
West Perth - Wellington Street, Australia
RAC WA
RAC WA offers insurance, roadside assistance, car servicing and repairs, tyres, batteries, loans, home security, travel and member deals for West Australians. Non-members welcome!
As a GRC Analyst you will be responsible for driving and maintaining cyber governance processes and practices to support RACWA in managing security risks and compliance obligations. This includes documenting processes for assuring compliance with organisational and regulatory requirements, procedures and standards.
This is a 2-year maximum term role.
What will you be doing?
- Training & Awareness: Develop and deliver training programs to increase awareness of governance, risk, and compliance across RACWA.
- Managing Cyber Governance: Maintain and enhance governance frameworks, ensuring RACWA’s cybersecurity practices align with regulatory and organisational requirements.
- Overseeing IT Assurance Programs: Assist in the development and execution of IT assurance frameworks, coordinating assurance reviews and penetration testing activities.
- Managing Third-Party Technology Risk: Assess, evaluate, and mitigate technology risks related to vendors, suppliers, and service providers, ensuring compliance with security standards.
- Supporting Audit Programs: Facilitate internal and external audits related to cybersecurity, ensuring timely and accurate documentation and responses.
- Risk Mitigation & Incident Response: Collaborate with IT and security teams to identify risks, develop mitigation strategies, and report compliance incidents.
- Documentation & Reporting: Maintain comprehensive records of governance activities and generate risk and compliance reports for senior management.
What are we looking for in you?
- Governance & Risk Experience: Experience in IT governance, risk management, and compliance, with a focus on third-party technology risk.
- Security & Assurance Expertise: Strong knowledge of risk assessment, IT assurance frameworks, and security best practices.
- Regulatory Compliance Knowledge: Understanding of industry standards such as ISO 27001, NIST, and APRA.
- Stakeholder Management: Proven ability to collaborate with internal teams and external vendors to ensure compliance with security policies.
- Detail-Oriented & Organised: Strong documentation, reporting, and process management skills to maintain compliance records effectively.
- Educational Background: Tertiary qualifications in cybersecurity, information security, IT, risk management, or a related field.
- Industry Certifications: CISSP, CISA, CRISC, CISM, or equivalent certifications are desirable.
What can we offer you?
- Innovative Technology Environment: Work with cutting-edge technologies and be part of a team driving digital transformation across RACWA.
- Growth Mindset Culture & focus on Career Development: Join a team that values personal development and enables continuous learning opportunities, certifications, and career progression within a supportive and growth-focused environment.
- Work-Life Balance: Benefit from flexible and hybrid working arrangements, including temporary remote work options and a focus on work-life balance.
- Impactful Projects: Contribute to high-impact projects or products that directly enhance RACWA's services to its members and the community.
- Diverse and Inclusive Workplace: Be part of an organisation that embraces diversity and inclusion, ensuring a welcoming environment for all employees.
- Employee Wellbeing: Take advantage of a strong focus on employee wellbeing, including mental health support, wellness programs, and fitness incentives.
- Community and Social Responsibility: Engage in meaningful community and social responsibility initiatives that align with RACWA's values and mission.
About RAC
RAC WA is a member-focused organisation dedicated to serving the Western Australian community. Our mission is to create a safer, more sustainable, and connected future for all Western Australians.
RAC values inclusivity, diversity, and flexibility in the workplace. As an Equal Opportunity Employer, we welcome everyone. For assistance during the application process, contact Jason.crooks@rac.com.au.
Tags: Audits CISA CISM CISSP Compliance CRISC Governance Incident response ISO 27001 NIST Pentesting Risk assessment Risk management
Perks/benefits: Career development Flex hours Health care Wellness