Audit and Compliance Team Lead
Audit and Compliance Team Lead
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Based in Melbourne Australia MedHealth are currently seeking someone with a high level of initiative an outgoing personality and a professional can-do attitude to join our team.
The Audit & Compliance Lead is responsible for coordinating and executing cybersecurity compliance activities internal and external audits and assurance reporting. This is a technically grounded role focused on control implementation evidence gathering and continuous improvement of governance risk and compliance (GRC) processes.
Working closely with the Security and Compliance Manager this role will lead the audit and assurance function maintain alignment with regulatory and policy requirements (e.g. ISO 27001 NIST) and help embed a security-first culture across the organisation. The role also provides leadership and mentoring to the Audit & Compliance Officers.
- Lead the planning coordination and execution of cybersecurity audits (internal external regulatory).
- Manage the end-to-end audit lifecycle including evidence collection gap analysis remediation planning and status reporting.
- Prepare audit artefacts aligned to relevant frameworks (e.g. NIST CSF ISO 27001 DISP ACSC Essential Eight).
- Coordinate control testing activities and assurance reporting to internal stakeholders and executive governance bodies.
- Co-ordinate and oversee risk function for technology and cyber operations.
- Collaborate with internal IT teams to identify track and mitigate technology-related risks.
- Conduct risk assessments and provide recommendations to improve security posture and regulatory compliance.
- Prepare detailed reports and presentations for senior leadership board members and external regulatory bodies.
- Lead third-party risk management processes ensuring vendors meet security and compliance requirements.
- Conduct security assessments for new and existing vendors ensuring proper due diligence is performed
- Define develop and implement key security and compliance metrics.
- Create and maintain dashboards scorecards and risk indicators to provide visibility into the security and compliance landscape.
- Create and continuously build an evolving portfolio of audits and investigating new opportunities to further strengthen our capabilities and governance
Qualifications :
- Minimum 5 years of experience in IT audit risk management or cybersecurity compliance.
- Knowledge of ISO 27001 with experience implementing and maintaining compliance.
- Broader knowledge and practical experience with implementation of NIST Essential 8 SOC 2 and other security frameworks.
- Strong understanding of IT risks security controls and regulatory requirements.
- Experience in managing risk assessment programs and collaborating with multiple stakeholders.
- Demonstrated ability to develop and deliver security reports and compliance dashboards for senior leadership.
- Excellent analytical communication and stakeholder management skills.
- Experience working in healthcare sector or working in environments with health records desirable.
Additional Information :
We are not accepting applications from outside of Australia or from recruitment agencies.
You are welcome here.
Our fast-growing team of more than 3500 people around Australia represent a huge array of life experiences skills and ways of thinking. We value all these differences.
We are an Equal Opportunity Employer proudly welcoming people with disability including mental health conditions people from diverse cultural and linguistic backgrounds people from the LGBTQI community veterans carers and Indigenous Australians to our team.
We are happy to adjust our recruitment process to support accessibility needs.
Remote Work :
No
Employment Type :
Full-time
Employment Type
Full-time
