AddressAbout us:
Established in 2007, CDC Data Centres is Australia’s leading operator of sovereign, secure, world-class data centre facilities.
Headquartered in Canberra with multiple facilities in the ACT, NSW and New Zealand, CDC’s diversified operations provide secure data centre configurations that support co-location, containerised and hyperscale compute environments with all campuses interconnected with high-speed carrier grade networks.
At CDC we are passionate about creating an inclusive workplace that promotes and values diversity. We believe that everyone’s unique experiences enable us to deliver meaningful benefits for our people, our clients and communities. Our mission is to attract, retain and grow the world’s best data centre team.
Our people are responsive, innovative and trusted in supporting our customers. Together, we configure the landscape to meet the security, reliability, connectivity and sustainability needs for today and tomorrow.
About the role:
We are looking for a GRC Specialist to support CDC Data Centre’s enterprise risk management program, enterprise policy management framework and quality assurance activities. The incumbent will contribute to business resilience and continuity frameworks and own internal monitoring and review programs to ensure CDC’s remains compliant with various Government and industry standards. The role will be supported to proactively identify potential risks within the business and to act upon them in a timely and effective manner.
Key responsibilities include:
• Assisting in the design, implementation and ongoing support of enterprise-wide programmes including:
- Enterprise Risk Management Framework
- Enterprise Policy Management Framework
- Protective Security Management Framework
- Business Resilience and Continuity Framework
- Assurance and Internal Audit Program
• Assisting the Senior Manager, Security Resilience and Assurance with policy development and implementation.
• Drafting protocols, procedures, and guidance material.
• Working with stakeholders to develop effective risk management and assurance plans.
• Developing auditing schedules, conducting non-financial audits, and working with stakeholders to design remediations for internal and external audit findings.
• Educate and train employees (including management) on governance Risk and Compliance-specific matters.
• Collaborating with internal and external audit providers or other professional advisors as and when required.
• Fostering a culture of continual improvement in governance Risk and Compliance within the business
• Mentor and impart knowledge on junior staff.
• Lead, attend and contribute to appropriate team and stakeholder meetings and committees as required and relevant to ensure excellent stakeholder engagement and communication.
• Embrace and model CDC’s DNA and Leadership Fundamentals.
• Provide cultural and operational team leadership.
• Mentor and impart knowledge to junior staff.
• Other duties as direction from time to time.
About you:
• Previous GRC experience, preferably in a highly regulated environment.
• Experience with and direct exposure to applicable laws, regulations, and standards relevant to a large critical infrastructure provider, including Telecommunications Act 1997 (Cth), Security of Critical Infrastructure Act 2018 (Cth), Dept. Home Affairs’ Hosting Certification Framework, SOC1 Type II and SOC2 Type II controls, PCI-DSS, ISO9001, ISO14001, ISO27001 and ISO 45001.
• Excellent understanding of Risk and Compliance principles and frameworks.
• Demonstrated experience in driving positive outcomes through high level communication, interpersonal ability and proactive stakeholder engagement.
Essential:
• Australian Citizenship and the ability to obtain and maintain AGSVA Security Clearance at Negative Vetting 1 level.
How to Apply:
If you are looking to own your career and take on a new challenge in a fast-growing Australian Technology company and be part of our amazing team, please submit your resume and cover letter by clicking Apply.
