Remotery

InfoSec Governance Risk and Compliance Lead

Posted Jun 26

This is a fully remote position, open to applicants in Australia.

📋 Description

• Lead the advancement, maturity, and implementation of UpGuard’s Information Security Governance, Risk, and Compliance function, taking primary responsibility for technology and cybersecurity risks.

• Collaborate closely with procurement, legal, and business stakeholders to incorporate security assessments into the purchasing process. Oversee Third-Party Risk Management (TPRM) evaluations for both new and existing suppliers.

• Examine security exhibits, Data Processing Agreements, and security questionnaires during procurement negotiations to protect UpGuard and its clients.

• Work alongside the CISO to provide expert analysis on broader enterprise and operational risk issues, ensuring a cohesive risk management strategy.

• Design and manage the technology and security aspects of the Risk Management process. You will uphold, enhance, and present executive-ready reports on trends, vulnerabilities, and strategic insights.

• Formally oversee the technology and security control elements of UpGuard’s annual SOC 2 Type II audit cycle. Develop, manage, and coordinate remediations and enhancements arising from previous cycles, incident reviews, and internal assessments.

• Collaborate cross-functionally with the Product team to create public-facing trust documentation, while identifying security control gaps and opportunities for improvement within the Product Development Life Cycle (PDLC).

• Create, implement, and sustain a strong framework of InfoSec policies, standards, processes, and guidelines that adapt to an evolving threat landscape.

• Develop and execute comprehensive security awareness and compliance training programs across the company using the MindTickle platform.


⛳️ Requirements

• Over 4 years of focused experience in Information Security, IT Audit, or GRC within a technical, cloud-centric environment.

• Extensive knowledge and practical experience with modern technology risk management frameworks, GRC platforms, and Third-Party Risk Management (TPRM) tools.

• Proven experience collaborating with procurement, legal, and privacy teams across different geographical regions (e.g., GDPR/CCPA, anti-corruption) to assess vendor contracts, technical agreements, and security exhibits.

• A clear and collaborative communicator adept at translating complex technical risks into understandable business impacts for stakeholders, clients, and vendors.

• Ability to work autonomously, take prompt action, and manage intricate details while maintaining focus on long-term strategic objectives.

• A perceptive problem-solver and adaptable learner capable of navigating ambiguity and assessing legal/business risk trade-offs.

• High ethical standards, meticulous attention to detail, a team-oriented mindset, and a genuine passion for both teaching and learning.


🏝️ Benefits

• Monthly Lifestyle subsidy: Utilize this for your financial, physical, and mental well-being.

• WFH set-up allowance: To help create an optimal working environment, we will assist you in getting set up within your first 3 months at UpGuard.

• $1500 USD annual Learning & Development allowance: To promote your career growth, all team members can expense development opportunities against this allowance.

• Annual leave: PTO plus two additional UpGuardian leave days for you to recharge.

• 18 weeks of paid Parental Leave: Available to all parenting roles.

• Personal Leave Allowance: This encompasses sick and carer’s leave.

• Fully remote working environment: While we have physical offices in Sydney & Hobart, attendance is not compulsory.

• Top-spec hardware: All team members will receive high-performance laptops for their roles.

• Generative AI subsidy: UpGuard offers paid subscriptions for all team members to access generative AI tools to enhance their work.
