Warning! Be wary of scams. Read our FAQ page for more information.


GRC Specialist

Contract Type

Contract

Location

Victoria, Melbourne

Industry

IT

Specialisation

Security

Salary

AU$120000 - AU$160000 per annum + +Super

Contact Name

Jeffrey Alcock

Contact Email

jeffrey.alcock@talenza.com.au

Date published

14-07-2026

Job Reference

BBBH21986

Description



GRC Implementation Analyst - ISO 27001 & Essential Eight - Technical

Location: Melbourne
Contract: 9 Months FTC
Salary: $160,000 + Super

A leading organisation is seeking an experienced GRC Implementation Analyst to drive the implementation of an ISO 27001:2022 Information Security Management System (ISMS) and support the achievement of ASD Essential Eight Maturity Level 2.

Working closely with the Technology and Cyber Security teams, you will be responsible for implementing security controls, managing audit evidence, maintaining risk registers, supporting certification activities, and ensuring the organisation is audit-ready.

  • Implement and operationalise an ISO 27001-compliant ISMS.
  • Develop and maintain security policies, standards, and procedures.
  • Manage audit evidence and GRC platform records.
  • Perform control testing, assurance activities, and remediation tracking.
  • Implement and configure Microsoft security technologies including Microsoft 365, Intune, Entra ID, Defender, and Purview.
  • Support risk management, vendor risk assessments, and audit preparation.
  • Produce security documentation, SOPs, and reporting on control effectiveness.
  • Proven experience delivering ISO 27001 certification programs.
  • Hands-on implementation of ASD Essential Eight controls.
  • Strong understanding of security governance, risk, and compliance frameworks.
  • Experience with Microsoft 365 Security, Intune, Entra ID, Defender, Purview, and Security Score remediation.
  • Experience with NIST CSF, GRC platforms, evidence management, and audit readiness activities.
  • Strong technical writing and stakeholder engagement skills.
  • Demonstrated ability to manage end-to-end security and compliance initiatives.
  • Experience within transport, operational technology (OT), utilities, government, or other regulated industries.
  • Certifications such as ISO 27001 Lead Implementer, CISSP, Security+, or equivalent.

This is an excellent opportunity to play a key role in a major cyber security uplift program, delivering ISO 27001 certification, Essential Eight compliance, and long-term security governance capabilities.


Apply Now

File types: PDF, Microsoft Word or text