Security Governance Risk and Compliance (GRC) Engineer

Canberra, ACT, AU

Deloitte

Insights into our services in Audit, Consulting, Financial Advisory, Risk Advisory and Tax, as well as our numerous industries.


Job Requisition ID: 38102 

About our Practice:

Our Engineering as a Service (EaaS) Practice consists of a diverse mix of skilled and experienced managed services personnel providing differentiated DevOps and Cloud support services for leading-edge technology transformation projects in steady state.

The Deloitte EaaS team is responsible for providing our clients with the highest level of customer support services by using modern service management frameworks and leading operational tooling.

Our business is growing and we’re on the lookout for a Service Delivery Manager to join the team. The role includes a focus on Service Delivery including Service Management, reporting, and managing workloads of cross-functional teams.


The Security Governance Risk and Compliance (GRC) Engineer will be responsible for:

  • Develop security compliance processes and assess the effectiveness of security controls.
  • Perform security reviews and identify gaps in security architecture, resulting in recommendations for inclusion in the risk management strategy.
  • Participate in Risk Governance processes to provide security risks, mitigations and input on other technical risks.
  • Verify that application software/network/system security postures are implemented as stated, document deviations and recommend required corrections.
  • Provide internal or external customer and partner support via the Deloitte Service Desk Portal, email, and phone, as well as onsite from time to time as required.
  • Work as part of a team to complete assignments and tasks providing maintenance, administration, testing, troubleshooting, and diagnostics support for customers’ environments, liaising with internal and external stakeholders as appropriate.
  • Assist and respond to urgent requests and escalations, seeking assistance proactively as required.
  • Communicate with internal and/or external key stakeholders to ensure they remain informed.
  • Participate and assist in the design, development, implementation and/or support and maintenance of solutions and standards.
  • Contribute to the ongoing improvement of services, standards, processes, and procedures.

 

Skills/Qualifications

This position requires that the person possess broad knowledge in:

  • Demonstrated knowledge of current industry practices for implementing and managing IT security tools, assessments, and remediation using standards-based approaches.
  • Strong understanding of cybersecurity and privacy principles for managing information risks across storage, processing, and transmission.
  • Familiarity with a wide range of cyber threats and vulnerabilities.
  • Knowledge of Australian Government and international cybersecurity standards (e.g. Information Security Manual, ISO 31000).
  • Skilled in conducting risk assessments, system security reviews, and interpreting vulnerability scan results to identify and address issues.
  • Proficient in technical writing, including the development and editing of assessment documentation.
  • Effective communicator with experience advising stakeholders on security matters and delivering clear, impactful briefings.
  • Desirable experience includes working with legacy systems lacking built-in security, and configuring tools such as Endpoint Detection, Vulnerability Scanners, and SIEM platforms.

 

Work Entitlement

Due to the nature of the clients this role will be working with, you must be an Australian Citizen and must be willing to undertake the Australian Government Security Vetting process.

 

Why Deloitte
At Deloitte, we create positively differentiated work experiences that enable our people to feel valued and achieve their full potential. Deloitte Australia opens the door to a career that can cross borders virtually and physically across Asia Pacific to gain experience and access projects beyond Australia’s borders. We value difference, and embrace people with diverse backgrounds, experiences, gender identities, abilities and thinking styles. Knowing that people work best in a variety of ways, we are happy to discuss alternative arrangements if the working pattern you are looking for is not specifically indicated.
We’re committed to continually building a safe and respectful workplace, where all our people feel appreciated and accepted. Through the creation of endorsed employee-led diversity networks which promote cultural, disability, LGBTI+, Aboriginal and Torres Strait Islander people and gender equality, we’re leading the way to shape an environment where everybody can thrive.
We are proud to have been recognised for our efforts in inspiring change and accelerating progress – check out our careers site for recent recognition in this space.
We offer a variety of benefits and very flexible work arrangements, allowing you to work in a way that suits you best.

 


By applying for this job, you’ll be assessed against the Deloitte Talent Standards. We’ve designed these standards so that you can grow in your career, and we can provide our clients with a consistent and exceptional Deloitte employee experience globally. The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.


Tags: Cloud Compliance DevOps Governance Privacy Risk assessment Risk management SIEM Strategy Vulnerabilities

Perks/benefits: Career development Flex hours

Region: Asia/Pacific
Country: Australia
