GRC Analyst

Engineering · Full-time · Manila, Philippines

Job description

Who we are and what we do

Audinate leads the world in networked media with our "Dante" technology, which is used extensively in professional audio & video applications, including live events, broadcast, entertainment venues and communication systems.

Dante replaces all audio and video connections with a computer network, effortlessly sending video or hundreds of channels of audio over slender Ethernet cables with perfect digital fidelity. Adopted by hundreds of manufacturers in thousands of products, Dante is the de facto standard for modern AV connectivity.

You’ll find us in the largest companies and institutions like the Sydney Opera House, NFL Media Headquarters, Microsoft, major universities and even a 900-year-old cathedral featured in Harry Potter.

What You’ll Be Working On 

We are seeking a Governance, Risk and Compliance (GRC) Analyst to join our Cybersecurity Operations Team. You will help Audinate and the Cybersecurity team develop and mature our risk and compliance function by collaborating with internal and external stakeholders to uplift and maintain our ISMS in pursuit of ISO27001 certification.

The ideal candidate will have experience working with the ISO27001:2022 standard and undertaking effective risk assessments and third-party security assessments. Additionally, you should have experience with internal audits, working with external auditors and managing a GRC platform.

Responsibilities

  • Conduct risk assessments and third-party security assessments to identify potential gaps and vulnerabilities against ISMS policies, guidelines and associated controls.
  • Work with stakeholders to design, implement, and conduct internal audits and report audit findings to management.
  • Manage and maintain a GRC platform to track and report on compliance activities.
  • Work closely with ISO27001 auditors to ensure successful audits and certification.
  • Manage the risk assessment process including maintaining the risk register, information asset register, and incident register.
  • Collaborate with cross-functional teams to address compliance issues and drive continuous improvement efforts.
  • Stay up to date on the latest regulations, standards and trends in risk and compliance.

Requirements

  • Bachelor’s degree or industry certifications in information cybersecurity, risk management, governance, or a related field.
  • 5+ years of direct experience in information security, with an emphasis on governance, risk and compliance.
  • 3+ years of experience preparing for ISO27001 audits, as well as working with auditors to prepare audit responses.
  • Thorough understanding of the ISO27001:2022 standard and associated guidelines.
  • Experience with GRC Platforms such as ISMS.online, Vanta, SecureFrame or similar.
  • Interpersonal skills (working with developers, engineers, business and operations & external stakeholders).
  • Relevant certifications such as CISA, CISSP or CRISC are a plus.
  • Ability to work independently and as part of a team.
  • Agile mentality: flexible, open to change and striving for continuous improvement.
