Senior Information Security and Compliance Specialist

As the Senior Information Security and Compliance Specialist you will establish yourself as the single point for security monitoring and compliance across the RightCrowd product suite including enterprise applications, cloud security, network security, and customer interaction.

The position is full-time and will be based in our Australian office, located in Robina, Gold Coast.

Reporting to the IT Manager, you will be operating out of the IT team and working closely with the Engineering team, Delivery teams, and the wider business.

To be successful in this position, you will need to have the ability to carry out the following duties and responsibilities:

  • Lead security initiatives, education and maturity across the business.
  • Assume ownership of all ISO 27001/2 requirements, ensuring compliance and certification are achieved and maintained.
  • Keep current with available security tools/solutions and take the lead in recommending the most appropriate solutions to the business for consideration and implementation.
  • Update and maintain cyber security risk management policies and ensure vendors and internal staff understand and operate within these frameworks.
  • Monitor regulatory IT security & compliance requirements and champion these across the business.
  • Lead IT audit responsibilities and complete IT security due diligence requests from customers and prospects.
  • Own IT security incident response and data breach notification processes.
  • Work with the IT and Engineering team to review security architecture (e.g. WAF, bot mitigation, automated pen testing etc.) and ensure optimization and continuous improvement.
  • Work closely with external vendors around penetration testing and tooling.
  • Provide security reporting – including board-level reporting.

To be successful in this position, you will need the following skills and experience:

  • Qualifications relevant to this role (tertiary or equivalent).
  • Broad IT security background across cloud / network security, security operations, access control and (ideally) risk and compliance.
  • Cloud technology experience (e.g. AWS, Azure, Nutanix, VMware etc.).
  • Scripting skills are highly beneficial.
  • Excellent organization skills, and the ability to truly think outside the box to find practical solutions.
  • Superior written and verbal communication skills.
  • Outstanding interpersonal skills, with an ability to communicate and share your message with a highly diverse range of people.
  • The ability to perform independently and as part of a team.

This role calls for a strong security generalist from an information security and compliance background with an interest in (and the capability for) taking on additional compliance responsibilities.

To apply for this job email your details to