Governance, Risk & Compliance (GRC) Analyst

What is on offer?

• Career development in a leading MSP
• Full employee welcome kit
• Birthday gift voucher
• Quarterly team building activities / company events
• Energetic and positive work culture – where people enjoy their job, have a laugh, and work together

About the Company

Our client is a recognised dependable Managed IT provider with over 12,000 users globally. Their goal is to utilise IT to empower businesses in achieving success in ways that can make the world a better place for all. They help their clients realise their own organisations’ visions, which can come alive faster and better when the business’ IT is well-maintained and secure.

They care for all their customers equally, regardless of location and they give the same excellent service, leveraging technology to help their clients reach business objectives. They are a team of dedicated professionals who always put customers first in consistently delivering reliable IT solutions. They continue to strive for excellence whilst upholding their core values: Customer First, Consistency, Teamwork.

Due to growth, we are looking for a Governance, Risk & Compliance (GRC) Analyst to be based in Brisbane. This position requires a high degree of autonomy and self-direction, as you will work independently to engage with various stakeholders!

The Role

The Governance, Risk & Compliance (GRC) Analyst plays a crucial role in ensuring the company’s clients meet the compliance standards set by the Australian Privacy Act. This role is instrumental in gathering and validating evidence to support data privacy and protection, ensuring that all processes and documentation meet regulatory expectations.

Responsibilities

• Conduct interviews with stakeholders, evaluate compliance with Privacy Act requirements, identify security gaps
• Collect and validate evidence in Assuredly, maintain high standards for data accuracy and completeness
• Support audits for ISO 9001, 27001, and 14001, manage records, and ensure audit readiness
• Evaluate SMB1001:2025 framework controls, educate clients on governance, and manage compliance
• Prepare compliance reports, deliver findings and recommendations, educate clients on data privacy protection
• Maintain rigorous standards in recording, verifying, and updating compliance data; conduct routine reviews to ensure integrity of all records
• Plan and execute assessment activities independently, ensuring all steps are completed within defined timelines and standards

The successful candidate

• Updated with ISO standards, Privacy Act requirements, and CyberShield frameworks an advantage
• Demonstrated expertise in evidence-gathering tools, advanced reporting software, and comprehensive audit procedures
• Skilled in analysing data trends and patterns, maintaining accurate compliance documentation, and ensuring data integrity
• Exceptional communication skills
• Ability to foster strong, positive relationships with stakeholders through clear, professional, and respectful communication
• Exhibit accountability in managing multiple responsibilities whilst actively pursuing continuous professional development
• Consistently produce high-quality, concise reports, and maintain audit readiness

The intent behind this role is to strengthen client adherence to the Privacy Act’s Reasonable Steps requirements, ensuring a sound foundation for privacy and data security across the company's client base. If this sounds like you, APPLY NOW, or contact Mikee from NextGen HR 03 9119 0703!