Security GRC Engineer - Employment Hero

Key Responsibilities

• Develop and maintain security governance, risk, and compliance (GRC) programs across APAC regions.
• Lead risk assessments, gap analyses, and remediation plans for cloud and on‑prem environments.
• Create, review, and enforce security policies, standards, and procedures aligned with ISO, SOC, GDPR, and local regulations.
• Coordinate internal and external audits, ensuring timely remediation of findings.
• Collaborate with engineering, product, and legal teams to embed security controls into product development.
• Provide training and awareness programs to promote a security‑first culture.

Requirements

• 5+ years of experience in security GRC, risk management, or compliance roles.
• Strong knowledge of ISO 27001, SOC 2, GDPR, and other relevant frameworks.
• Hands‑on experience with GRC platforms (e.g., RSA Archer, ServiceNow GRC).
• Excellent communication skills and ability to influence cross‑functional teams.
• Experience working in a fast‑paced, remote, multi‑region environment.