About Eunexus

Eunexus is a high-security cloud services provider delivering private, secured, and fully managed hosting environments for clients with advanced compliance needs. Our proprietary Eunexus Cloud platform is designed for organisations that require dedicated, compliant, and scalable infrastructure supported by Australian-based teams.

The Role

We are seeking an experienced Governance, Risk and Compliance (GRC) Lead to oversee and mature Eunexus' internal governance and compliance frameworks. This role will play a pivotal part in leading Eunexus toward PCI DSS and ISO 27001 certification, while ensuring ongoing alignment with leading standards such as SOC 2 and other regulatory frameworks relevant to our clients.

You will also work closely with our clients to ensure that Eunexus continues to meet and exceed their security and compliance expectations — providing confidence that their critical data is hosted in a controlled, trusted, and demonstrably compliant environment.

Key Responsibilities

Lead the design, implementation, and management of Eunexus' Information Security Management System (ISMS).

Drive and coordinate certification initiatives, including PCI DSS and ISO 27001.

Maintain continuous compliance with relevant frameworks and standards (ISO 27001, PCI DSS, SOC 2, NIST, etc.).

Oversee risk management, policy governance, and control assurance activities.

Partner with clients to ensure contractual, regulatory, and compliance obligations are understood and met.

Lead internal and external audit preparation, evidence gathering, and corrective action processes.

Develop and maintain security governance documentation including policies, standards, and procedures.

Advise Directors on compliance posture, emerging risks, and improvement opportunities.

Skills and Experience

Demonstrated experience in information security governance, risk, and compliance leadership roles.

Minimum 4-5 years of experience in GRC leadership roles.

Strong working knowledge of PCI DSS, ISO 27001, and SOC 2 compliance frameworks.

Experience with PCI DSS and ISO 27001 certification projects or implementation is required.

Experience designing and implementing ISMS and risk management processes.

Strong understanding of cybersecurity controls, monitoring, and assurance activities.

Excellent stakeholder management and communication skills — able to work effectively with both technical and executive teams.

Relevant certifications such as ISO 27001 Lead Implementer/Auditor, CISM, CISSP, or CRISC will be highly regarded.

Australian citizenship or permanent residency is required for this position.