Governance Risk and Compliance (GRC) Lead

Melbourne, Australia - Hybrid 

We are looking for a GRC lead to join our InfoSec team. This role will help drive various GRC activities which include supporting prospect and customer security questions, maintaining security policies, supporting security audits and assessments and driving new security certifications/compliance initiatives.  

About Ivalua

A “Magic Quadrant” leader, Ivalua’s solutions work in a complex global economy.  Our innovative Source-to-Pay solutions include automating customized workflows to source, contract, request, procure, receive, and pay for goods and services across the enterprise, refining the procurement lifecycle while reducing cost and risk of spending on indirect goods, direct goods and services, and improving supplier collaboration.

All companies want the best and brightest. At Ivalua, we also want team members who have a global point of view and who bring customer-focused enthusiasm and ambition to the table. We are a company of doers, of problem solvers, of figure-it-outers. We have fun and we work hard.  Ivalua is a truly global company with a diverse team of contributors and a set of core values that people can feel every day across all our offices.

About the Team:

You will be part of the InfoSec team with a mission to  build, maintain and continuously improve its Information Security program, giving peace of mind, assurance of protection and safety to our customers. 

Our team is very hands-on with a strong mindset of problem solving while also having the ability to think of the implementation holistically and provide solutions that solve the customer’s long-term challenges. Our team works hard, plays hard and enjoys all indoor and outdoor activities that the company organizes from time to time, so that you can focus, work collaboratively, and be at your creative best. 

Key Responsibilities:

• Lead security audits/certifications/self-assessments e.g. PCI, IRAP, NIST 800-53 etc.
• Coordinate and manage customer security audits for APAC region and support other regions
• Coordinate and manage internal security self-assessments and audits
• Assist the sales and bid-desk team in effectively responding to prospect’s InfoSec questions
• Perform continuous compliance and monitoring capabilities
• Help automate and enhance security operation processes
• Support Governance, Risk & Compliance (GRC) tools implementation and utilization

Skills, Abilities, Experience & Qualifications:

• Bachelor’s Degree in a related field or equivalent experience
• Prior Big 4 experience
• Strong working knowledge of a broad range of audit and Information Security frameworks (IRAP, NIST CSF & 800-53, ISO27001, SOC, HITRUST, HIPAA, FedRamp, PCI, GDPR, etc.)
• Hands on experience in leading  audits/reviews against some of the InfoSec frameworks mentioned above
• Knowledge and experience working with IT and security personnel as well as security concepts at all layers of a technology (e.g. Network, Infrastructure, Web Application, Cloud Platforms (e.g. Azure, AWS, GCP) environments
• Knowledge of risk and security industry literature and knowledge bases (OWASP, MITRE ATT&CK, NIST 800-39, etc.)
• Excellent interpersonal, communication and organizational skills
• Relevant audit and/or Information Security certifications (e.g., CISSP, CISA, CISM, Azure Cloud Security) are desired
• Team player with the ability to interface effectively with a broad range of individuals and roles, including IT and vendors
• High degree of initiative, dependable and able to work well with limited supervision

Preferred Education:

Computer science, Cybersecurity or a closely related field or foreign equivalent

Check out our video and find out Who We Are! 

Join Ivalua today and procure a great future for your career!

Ivalua’s core values include a priority on Care & Grow People. We take matters like pay equity very seriously and strive to reward our employees appropriately and fairly for their talents.

#LI-MV1 #LI-HYBRID