Our client is a purpose-driven organisation operating in a dynamic and highly regulated environment. They are committed to best-in-class governance, compliance, and privacy practices and are now seeking a talented professional to lead key initiatives across GRC systems, privacy, and ethics.
About the Role
We are looking for a GRC Lead and Privacy Officer to take ownership of the organisation’s GRC platform (Archer), lead system enhancements, and champion data privacy compliance across all business units.
This is a rare opportunity to combine technical system expertise with privacy leadership, stakeholder engagement, and strategic risk management.
Key Responsibilities
GRC System Management
- Manage and support the Archer GRC platform (configuration, upgrades, issue resolution).
- Partner with IT and Compliance to integrate new use cases and enhance system functionality.
- Train and support users, maintain documentation, and drive system adoption.
- Develop dashboards and reports to support governance and risk insights.
- Maintain the compliance risk register and lead enterprise risk assessments.
- Support internal stakeholders with compliance initiatives and risk mitigation strategies.
- Monitor and report on compliance and governance performance.
- Develop, implement and enforce privacy policies aligned with Australian privacy laws (APPs).
- Lead privacy assessments (PIAs), and manage privacy incidents and regulatory reporting.
- Work closely with IT and Cybersecurity to embed data protection controls.
- Provide key support to the Ethics Officer.
- Manage ethics reporting and assist with the rollout of ethics frameworks.
- Assist with regulatory reporting, audits, and data analysis across risk, privacy, and ethics.
- 8+ years' experience in GRC, risk, privacy or compliance roles (regulated environments preferred).
- Strong understanding of Archer GRC or similar systems.
- In-depth knowledge of Australian privacy laws and risk management methodologies.
- Excellent stakeholder engagement, problem-solving, and project management skills.
- Strong attention to detail and ability to interpret complex regulations.
- Proficient in Microsoft Office and digital reporting tools.
- Tertiary qualifications in Risk, Law, Business or Information Security.
- Relevant certifications (CISA, CRISC, CIPP, or equivalent) highly regarded.
- Work with a collaborative and forward-thinking compliance team.
- Lead key initiatives across technology, governance, and privacy.
- Hybrid working arrangements and supportive leadership.
- Opportunity to make a real impact in a high-visibility role.
0450363147
lruddy@sharpandcarter.com.au