Your new company

This organisation is one of the largest and most comprehensive health services in Australia, providing care at all stages of life and under various circumstances. The services available cover the full spectrum from primary care, community services, aged care, rehabilitation, mental health, to emergency and acute care.

Your new role

The Governance, Risk, and Compliance (GRC) Analyst will support the development, implementation, and monitoring of the organisation's cybersecurity governance framework. This role will be instrumental in strengthening the cybersecurity posture through efficient risk management, compliance with regulatory requirements, and structured governance practices. The GRC Analyst will work closely with the information security manager and cross-functional teams to assess the organisation's cybersecurity footprint and ensure the alignment of cybersecurity practices with the organisation's governance obligations and Department of Health-defined objectives.

Key Accountabilities:

Conduct cybersecurity assessments on new applications, evaluating their compliance with security and data protection requirements.
Audit existing applications, recording specific cybersecurity profile data to develop risk profiles for all applications.
Liaise with relevant teams and business contacts to obtain necessary information to maintain the application list.
Conduct cybersecurity assessments of third-party vendors and service providers, evaluating their compliance with security and data protection requirements.
Maintain records of vendor assessments and assist in developing risk profiles for key suppliers.
Liaise with the procurement and legal departments to ensure new vendors meet cybersecurity requirements.
Support the organisation's compliance efforts by identifying and interpreting the cybersecurity controls as defined by the Department of Health.
Assist in preparing for internal and external audits and assessments, gathering necessary documentation, and tracking compliance status.
Work closely with auditors, the Department of Health, other regulatory bodies, and stakeholders to address findings, document responses, and oversee remediation.
Assist in regular risk assessments of internal and external-facing systems, applications, and vendors to identify cybersecurity threats and vulnerabilities.
Evaluate and prioritise identified risks, collaborating with stakeholders to implement appropriate risk mitigation strategies.
Maintain and enhance the risk register, tracking risk levels, remediation actions, and mitigation timelines.

What you'll need to succeed

Possesses exceptional analytical and problem-solving capabilities with meticulous attention to detail.
Demonstrates excellent verbal and written communication skills, adept at conveying complex information to both technical and non-technical stakeholders.
Experienced in risk assessment, incident response, and audit processes.
Capable of managing multiple priorities in a fast-paced environment while collaborating effectively with cross-functional teams.
Knowledge of healthcare compliance standards (HIPAA, Australian Privacy Principles) and data privacy laws is advantageous.
Holds a Bachelor's degree in Cybersecurity, Information Technology, Risk Management, or a related field.
Comprehensive understanding of cybersecurity frameworks, health industry regulatory requirements, risk assessment methodologies, and cybersecurity standards (e.g., NIST, ISO 27001).

What you'll get in return

Joining this company means becoming part of a team that embodies respect, compassion, commitment, accountability, and innovation.

What you need to do now

If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion on your career.

Tishan Gamage
Tishan.Gamage@hays.com.au

Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Information Services