Compliance Officer

AKA Vanta Champion, Cybersecurity Risk Manager, Compliance & Security Auditor, Information Assurance Specialist

About Askable

Askable has been changing the game in research and insights since 2017. Born in Brisbane, Australia, Askable is quickly making its way to global expansion. We’ve gone from 0-50 people in 6 years and following another stellar year of growth, we’re looking to bring on the right people to help us get to the next level.

Our Culture

When you join Askable, it’s not just another job. You’ll have the chance to build something that really matters. Our platform was built by UX researchers, for UX researchers. Our customers' experience comes first, always. Our company culture is very precious and highly valued. It’s who we are and how we operate. At Askable, culture is more than having Friday beers, company ‘fun days’ and other benefits (sure, we do these things too); culture here is about creating a sense of belonging, and helping every person unlock their ultimate impact. In short, culture is vital to our success. So much so, we even wrote a book on our culture. If you’d like to learn more, get in touch and we’ll send you a copy.

High-Level Role Overview:

The Cybersecurity Assurance Analyst leads the maintenance of our cyber security assurance frameworks and activities to optimise and safeguard strategic digital service delivery in alignment with our Cyber Security Policy frameworks which include ISO 27001/27701, NIST Cybersecurity Framework and SOC2. This includes coordinating penetration testing, vulnerability management, and user access reviews.

You will also be responsible for managing internal and external audits to mitigate risks and work with the business to assist in reducing these. If you’re passionate about making a significant impact in a dynamic and nimble environment, and eager to be the cornerstone of our cybersecurity efforts, this role is tailor-made for you.

Here’s a snapshot of your Askable days:

  • Risk Management: Identifying, assessing, and prioritising risks to the organisation’s information systems and implementing strategies to mitigate these risks, in partnership with relevant responsible parties.
  • Security Policies and Procedures: Establishing and enforcing policies, standards, and procedures to guide the secure management and operation of information systems.
  • Compliance: Ensuring that the organisation adheres to relevant laws, regulations, and industry standards related to cybersecurity and privacy, working alongside (and informed by) our panel of privacy and security experts.
  • Incident Response: Maintaining and testing plans to detect, respond to, and recover from cybersecurity incidents and breaches.
  • Continuous Monitoring: Managing and continuously monitoring our Vanta solution to assess and mitigate potential security risks.
  • Vulnerability Management: Scheduling regular independent penetration testing and vulnerability assessments, and ensuring that vulnerabilities are addressed.
  • Training and Awareness: Educating employees about cybersecurity best practices, potential threats, and their role in maintaining the organisation’s security.
  • Third-Party Management: Ensuring that third-party vendors and partners comply with the organisation’s cybersecurity requirements and do not introduce additional risks.
  • Auditing and Assessment: Coordinating regular internal and external audits and assessments to evaluate the effectiveness of security and privacy controls and identify areas for improvement, ensuring adherence to cybersecurity standards and frameworks.
  • Collaboration and Updates: Collaborating with cross-functional teams to enhance and implement security measures, and staying updated with the latest cybersecurity trends, threats, and technology solutions.

Key Relationships:

Work closely with the COO, Technology Services and Information Security Manager, Security and Privacy vendors, and other Askable departments.

What You’ll Bring:

  • Proven experience managing cybersecurity frameworks and standards such as ISO 27001, NIST Cybersecurity Framework and SOC2.
  • Knowledge of privacy frameworks and standards, such as ISO 27701 and NIST Privacy Framework.
  • Excellent problem-solving skills and attention to detail.
  • Effective communication and teamwork abilities, with experience working in cross-functional teams.
  • Relevant certifications (e.g., CISSP, CISM, CEH) are highly desirable.
  • Ability to manage multiple tasks and projects in a fast-paced environment.

Benefits

We have loads of incredible employee benefits that I’d love to shout about. But if you’re genuinely interested in this role, let’s chat about them over coffee instead 😊

Final thoughts

If you’re reading this and are excited but a little scared because you don’t think you have it all, research shows that some people are less likely to apply to jobs unless they meet every single criterion, so that’s a normal feeling. At Askable, we are committed to building diverse teams, so please apply even if your past experience doesn’t align perfectly with the requirements.

Brisbane, Australia
