i-bullet Growing cyber function in large complex enterprise i-bullet Own and lead enterprise-wide GRC, audit and risk initiatives i-bullet Full time, permanent and hybrid - Melbourne based Growing cyber function in large complex enterprise Own and lead enterprise-wide GRC, audit and risk initiatives Full time, permanent and hybrid - Melbourne based We are recruiting for a Senior GRC Specialist to join a large, complex enterprise environment undergoing significant cyber security uplift. This is a high-impact role within a well-established organisation that has made substantial investment in cyber security, rapidly expanding its capability and continuing to mature its governance, risk, and compliance function. You will work closely with senior cyber leadership and play a key role in driving audit readiness, strengthening governance frameworks, and embedding effective risk management practices across the business. About the Role Lead and manage cyber audit and assurance activities end-to-end, including ISO 27001, internal audits, and external audit requirements Own and maintain the organisation's ISO 27001 ISMS, including audit preparation, evidence management, and remediation activities Drive cyber risk management, including ownership of the risk register, risk assessments, and treatment planning Deliver clear, executive-level reporting on cyber risk, compliance posture, and remediation progress Enhance and mature governance frameworks aligned to industry standards such as ISO 27001 and NIST Support the optimisation of GRC tooling and processes to improve efficiency, automation, and reporting capability Collaborate with cyber, technology, and business stakeholders to embed GRC practices across the organisation Provide leadership within the GRC function, supporting uplift in capability, delivery quality, and maturity About You Proven experience in a senior Cybersecurity GRC, audit, or assurance role within complex enterprise environments Strong track record of leading audits across ISO 27001, internal audit, and broader compliance programs Deep understanding of cyber risk management, including ownership of risk registers and reporting frameworks Hands-on experience with GRC platforms and reporting tools Strong knowledge of industry frameworks such as ISO 27001 and NIST Excellent stakeholder engagement and communication skills, with the ability to influence at multiple levels Ability to operate autonomously while leading complex initiatives and driving outcomes Please apply now!
