Governance, Risk and Compliance (GRC) Manager - News Corp Australia - New South Wales

News Corp Australia | Posted 13-08-2019

New South Wales (Cyber Security)


News Corp Australia | New South Wales | Permanent

The Governance, Risk and Compliance (GRC) Manager will have a strong understanding of security and privacy principles as well as a sound understanding of the regulatory environment affecting the business.

Manage and maintain the Cyber GRC Program, including the development, implementation and maintenance of security policies, standards, guidelines and processes to ensure compliance is maintained and risk is mitigated.

What’s the role?

  • Perform risk assessments and report on enterprise-wide and third-party security controls and services
  • Report on meaningful metrics, including KPIs and KRIs to measure and track cyber risk and the effectiveness of the Cyber Security function
  • Engage with key internal and external stakeholders to ensure compliance with SOx, PCI and Privacy compliance requirements and targeted
  • Conduct compliance readiness assessments against standards-based requirements
  • Lead and drive the vendor risk management and supply chain management framework as well as risk action closure and risk mitigation
  • Manage audits, external assessments and assurance processes including, but not limited to, PCI DSS, SOx, NIST CSF
  • Track technology and cyber-related audit findings and actions
  • Enhance, coordinate and support the implementation of the Disaster Recovery Framework to AS/NZS/BS/ISO standards, aligned to the Organisational Business Continuity Management Program
  • Lead user education and awareness training for all employees

Who are you?

  • Vast experience within Cyber Security or related fields
  • Experience with Risk Frameworks such as ISO 31000
  • Comprehensive knowledge and experience with Industry Standards such as NIST CSF, NIST 800-53, PCI DSS, ISO 27001
  • Degree Qualification in Information Security, Computer Science, Engineering or similar
  • Strong communication skills
  • Professional security certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or similar preferred

What’s in it for you?

  • Collaborative environment
  • Opportunity to innovate, challenge the norm and pioneer the way forward
  • Variety of work where no two days are the same
  • Exposure to global operations and networks
  • Make a difference as part of Australia’s most influential media organisation