Security Governance Risk And Compliance Analyst

Join a 2025 award-winning telecommunications company recognized as Australia’s Most Trusted Internet Provider and Most Trusted Telco.

The Opportunity

Your expertise in security governance, risk, and compliance will play a key role in managing third-party risk and protecting its information assets. As the Security Governance, Risk & Compliance Analyst, you’ll work closely with the security team to support vendor risk assessments, compliance initiatives, and security best practices across the organization.

Why join us?

• Proudly Great Place to Work® certified
• Celebrate globally: Company trips (2025: Hong Kong, 2024: Thailand), Culture Champs, Year-end parties, leadership awards & more
• Grow with stability: 100+ in our 10-Year Club by 2025
• Dynamic talent network: 2,000+ across APAC and beyond
• Competitive compensation with annual reviews
• Comprehensive medical care for you and your family
• Generous paid leave because work-life balance matters
• Level up with LinkedIn Learning and tailored training
• Flexible work setup
  
  
  

• Support the delivery of third-party vendor risk assessments, evaluating security posture and identifying potential risks.
• Review and analyze vendor assurance reports, ensuring alignment with organizational security standards.
• Assist in the implementation and continuous improvement of ISO27001 and broader security frameworks.
• Collaborate with internal and external stakeholders to drive understanding and adoption of security controls and initiatives.
• Develop and support user awareness programs to promote security best practices across the organization.
• Collect, organize, and maintain evidence of compliance with security controls and regulatory requirements.
• Support internal and external audit activities, including preparation of documentation and presentation of findings.
• Contribute to the ongoing improvement of security governance, risk, and compliance processes.
  
  
  

• Bachelor’s degree in Information Security, Cybersecurity, Business, or a related field.
• Minimum 1 year experience conducting vendor risk assessments and managing third-party security risks.
• Strong understanding of security frameworks, particularly ISO27001 and related compliance standards.
• Experience supporting governance, risk, and compliance (GRC) programs within an organization.
• Excellent communication and stakeholder management skills, with the ability to engage across all levels.
• Strong attention to detail with the ability to manage documentation, evidence collection, and reporting requirements.
• Ability to manage multiple priorities and timelines in a fast-paced environment.
• Strong problem-solving skills with a proactive approach to identifying and mitigating risks.
• Amenable to work on a 12-month term contract.
  
  
  

• Manila (BGC, Taguig): Australian hours (6 am – 3 pm PHT) with a hybrid set up.