InfoSec Governance, Risk and Compliance Lead - UpGuard
Security Engineer
Lead the design and execution of governance, risk, and compliance programs for a fast‑growing cyber‑risk platform, leveraging ISO 27001, NIST, and cloud security best practices.
About the role
Key Responsibilities
- Define and drive the overall GRC strategy, aligning it with product roadmaps and regulatory requirements.
- Develop, implement, and maintain security frameworks such as ISO 27001 and NIST CSF across the organization.
- Lead risk assessment and threat modeling activities, translating findings into actionable remediation plans.
- Oversee compliance programs (e.g., SOC 2, GDPR) and ensure continuous audit readiness.
- Collaborate with engineering, product, and AI teams to embed security controls into the CRPM platform.
Requirements
- 5+ years of experience in information security governance, risk management, and compliance.
- Hands‑on expertise with ISO 27001, NIST CSF, and cloud security (AWS preferred).
- Proven track record of leading security audits, risk assessments, and remediation efforts.
- Strong communication skills to influence stakeholders and translate technical risk into business impact.
- Experience with AI‑driven security solutions or cyber‑risk platforms is a plus.