Security Governance, Risk and Compliance Lead
Job no: 40005054
Work type: Full Time
Location: Melbourne - North, Melbourne - South, Melbourne - East, Melbourne - West, Melbourne - Inner
Visy is powering the circular economy, closing the loop between packaging, remanufacturing, and recycling. Over 75 years, we've grown to 7,000 employees and 150 global operations –predominately in Australia and New Zealand.
Role Details:
Reporting to the Chief Security Officer, the Security Governance, Risk & Compliance (GRC) Lead is responsible for maturing a comprehensive GRC program across the enterprise, covering cyber, physical, and personnel security.
What you'll do:
- Perform security risk assessments and compliance reviews to measure security effectiveness.
- Develop security policies and risk assessment methodologies to integrate security into business processes.
- Collaborate with cybersecurity, protective security, risk, and other internal teams to align security governance across Visy.
- Measure and report on security posture through key security metrics and executive reporting.
- Ensure compliance with regulations, manage security audits, and track remediation efforts.
- Drive automation and process improvements to enhance security assurance.
What you will bring:
- Professional certification such as CISSP or equivalent and extensive knowledge of security frameworks including (NIST-CSF 2.0, NIST 800-53, ISO 27000 and ISO 31000).
- Strong regulatory and compliance expertise, with a deep understanding of industry-specific security requirements.
- Proven ability to conduct threat modelling, risk assessments, and risk management.
- Up-to-date knowledge of emerging cyber security threats and evolving risk landscapes.
- Hands-on experience supporting Governance, Risk, Compliance and Assurance programs.
- Ability to work independently in a small, geographically distributed team, while also collaborating effectively.
- Strong analytical and problem-solving skills, with a data-driven approach to security metrics and reporting.
- Attention to detail in risk documentation, internal auditing, and security policy development.
- Exceptional stakeholder management and communication skills, with the ability to translate security risks into business language.
- A strategic mindset with the ability to align security initiatives with business goals.
What you’ll love when you join us:
- Sustainability & Innovation – Be part of a company that’s making a real difference in environmental responsibility and circular economy solutions.
- Collaborative Culture – Partner with cross-functional teams and work closely with senior leaders to drive security excellence.
- Career Growth – Lead strategic security initiatives in a growing security function.
If you’re ready to take on a leadership role in security governance or supply chain security, we’d love to hear from you. Apply today and become part of a high-performing security team!
You will be required to meet Visy’s employment criteria which will include a criminal history check.
Visy is an equal-opportunity employer committed to providing a working environment that embraces and values diversity and inclusion.
Only applications from people with the right to live and work in Australia will be considered for this position.
Advertised: AUS Eastern Daylight Time
Applications close: AUS Eastern Standard Time
Back Apply Employee Referral