Description
Location: Adelaide, Melbourne, or Sydney, Australia - Remote
Who Are We?
About Airlock Digital:
Airlock Digital is a global leader in application control and allowlisting. We seek to empower every organization to run only what they trust and operate free from malware and ransomware.
With rapid growth across Australia, North America, and EMEA, we are committed to our core values: respect, determination, and integrity. We support a diverse and expanding global customer base. At Airlock, we pride ourselves on being a team of humble, collaborative, and driven professionals who support one another and share a passion for cybersecurity.
What We Are Looking For:
The Senior GRC Manager - Compliance & Assurance is responsible for leading Airlock Digital’s compliance and assurance program. This role owns key certification and compliance activities, including SOC 2, IRAP and ISO programs, and is accountable for audit management, internal control framework development, and the maintenance of policies, standards and procedures that support business and regulatory obligations. The role works closely with internal stakeholders across Technology and the broader business, as well as external auditors and certification bodies, to ensure Airlock Digital maintains an effective and scalable compliance posture.
Key Responsibilities:
Own and manage Airlock Digital’s compliance and assurance activities across relevant frameworks and programs, including SOC 2, IRAP and ISO.
Coordinate and manage external audits, assessments and certification activities.
Act as the primary internal point of contact for auditors, assessors and certification bodies.
Develop, maintain and continuously improve Airlock Digital’s internal control framework.
Review, draft, maintain and update policies, standards and procedures required to support compliance obligations and certification activities.
Monitor the effectiveness of controls and identify opportunities to strengthen Airlock Digital’s compliance posture.
Work with business and technical stakeholders to ensure controls are implemented, documented and operating effectively.
Maintain audit-ready evidence, documentation and records to support ongoing assurance activities.
Conduct compliance and control gap assessments and support remediation planning and tracking.
Prepare reporting for the Leadership Team, Board and other internal stakeholders as required.
Organise and attend relevant internal and external compliance meetings.
Provide practical guidance to stakeholders on compliance requirements, obligations and expected control outcomes.
Support the ongoing maturity and scalability of Airlock Digital’s governance, risk and compliance capability.
Required Skills & Qualifications:
5+ years’ experience in governance, risk, compliance, audit or assurance roles, ideally within a software vendor, technology business, consultancy or regulated environment.
Strong experience managing compliance programs and audits, including external certification or assurance activities.
Strong working knowledge of security and compliance frameworks such as SOC 2, ISO 27001 and IRAP.
Experience designing, documenting and maintaining internal controls and associated compliance artefacts.
Experience developing and maintaining policies, standards and procedures.
Bonus Points:
- ISO27001 Lead Auditor, ISO27001 Lead Implementer, IRAP Assessor, CISSP, CISM, CISA or others that relate to the GRC discipline would all be desirable.
What We Offer:
We don’t think money is everything, but we know it is an important part of your decision to apply for a role. Additional factors considered in extending an offer include responsibilities of the job, education, location, experience, knowledge, skills, abilities, and internal equity, alignment with market data, or applicable laws.
Flexible Work Environment, Hybrid or Remote - Time Off - Paid Volunteering Time - Birthday Leave - Paid Parental Leave - Home Office Allowance
Our Commitment:
We believe in supporting our team members both personally and professionally. Named one of Australia’s Greatest Places to Work and 5th best technology company for 2025, we value flexibility, trust, and a work environment that empowers our team to do their best work.
We will be assessing applications as they come in, so we encourage you to send your resume through to us as soon as possible. All official job offers from our company are extended directly by our recruitment team and will be sent through an official BambooHR document for your review and signature. Please be aware that we do not ask for any personal information in the process of extending offers of employment, such as financial details. Upon acceptance of any offer, we will request such information as part of the onboarding process prior to or on your first day of employment, and only after completing a National Police Check through an authorized third-party vendor. If you receive any communication asking for personal details outside of these processes, please contact us immediately to verify the authenticity of the request. Your security is important to us, and we are committed to a safe and transparent hiring experience. No contact from recruitment agencies, thank you.
Company
Airlock Digital provides enterprise-grade application control (allowlisting) to prevent malware, ransomware, and untrusted code on Windows, macOS, and Linux endpoints. It offers workflow-driven policy creation, centralized management, and integration with SCCM, Jamf, and InTune, enforcing a Deny by Default security posture.