Due to growth within the firm, our Risk team are seeking a Compliance and Security Coordinator to lead and deliver compliance with ISO/IMS/ISMS across the firm.
Working as part of a collaborative and highly engaged function, the Risk team partners closely with a broad range of internal and external stakeholders to support strategic outcomes and business priorities. The team also oversees DISP‑aligned security governance, including personnel security, security awareness, incident management and protective security practices.
This role provides meaningful exposure to risk, compliance and security initiatives, offering opportunities to contribute to firm‑wide programs that directly support continuous improvement and long‑term business objectives.
Key Responsibilities:
- Lead and maintain firm‑wide compliance with ISO 9001, ISO 14001, ISO 45001 and ISO 27001, ensuring ongoing certification readiness and effective governance of the Integrated Management System (IMS) and Information Security Management System (ISMS).
- Develop, implement and maintain security governance practices in line with DISP and DSPF requirements, including preparation and submission of DISP documentation and audit support.
- Manage personnel security requirements, including AGSVA security clearances, onboarding and offboarding of cleared personnel, clearance registers, and security awareness and training.
- Maintain and enhance IMS and ISMS documentation, including policies, procedures, registers and records, ensuring accuracy and alignment with legislative and standards requirements.
- Coordinate external certification and surveillance audits, managing audit readiness, stakeholder engagement, logistics, corrective actions and ongoing certification requirements.
- Manage nonconformances, incidents, hazards and complaints, facilitating root cause analysis, corrective and preventive actions, trend analysis and continual improvement initiatives.
- Coordinate management review processes and provide meaningful compliance, risk and performance reporting and dashboards to leadership and governance forums.
- Deliver IMS and ISMS training, coaching and operational support to uplift capability, awareness and ownership across the business.
- Coordinate security incident, insider threat and business continuity activities, including incident reporting, liaison with authorities, annual BCP testing, and ongoing monitoring and improvement of security practices.