HonorHer Jobs

Job Information

Totara Learning Solutions Information Security Compliance Manager in United States

Totara is a fully customizable learning management system (LMS) that boosts compliance rates, optimizes training effectiveness, and maximizes staff retention – at unrivaled scale. Built and deployed by a global partner network, Totara's platform handles all learning, compliance, and performance management needs no matter the industry or complexity. That's why Totara is trusted by 20 million users across 1500+ customers and 50+ countries.

We are seeking a dynamic and motivated Governance, Risk, and Compliance (GRC) expert to lead the development and management of our cybersecurity compliance program. In this role, you will drive the design and implementation of security governance standards across the company, ensuring our practices not only meet regulatory and legal requirements but also support our global business goals. This role will work closely with cross-functional teams to assess and manage risk, maintain compliance, and drive continuous security improvement.

Responsibilities:

  • Lead the design and implementation of Totara's GRC program, ensuring compliance with applicable regulatory requirements and internal policies.

  • Identify compliance gaps and develop roadmaps to achieve compliance.

  • Develop and enforce governance and risk management standards across the organization.

  • Oversee risk assessments, identify vulnerabilities, and provide recommendations for risk mitigation strategies.

  • Monitor and ensure compliance with industry standards such as ISO 27001, FedRAMP, NIST, GDPR, etc.

  • Collaborate with internal departments (Engineering, IT, HR, Finance) to establish effective risk and compliance processes.

  • Manage third-party risk assessments, due diligence, and vendor compliance.

  • Lead the development of security policies and controls.

  • Lead information security awareness training activities for the enterprise.

  • Develop content and communications for cybersecurity awareness.

  • Identify relevant key performance indicators (KPIs) to quantify the effectiveness of controls implemented for risk management activities.

  • Act as a key liaison for audits, regulatory inquiries, and external assessments.

  • Ensure proper documentation of risk management and compliance activities, including reporting to senior leadership.

Knowledge & Experience:

  • Bachelor's or Master's degree in Computer Science, Information Security, or a related field with a minimum of 5 years of relevant experience.

  • Extensive knowledge of global cyber regulations, compliance standards, and technology with a proven track record in implementing and managing security frameworks.

  • Hands-on expertise implementing ISO 27001 is required.

  • Significant experience in designing, developing, and managing security policies, procedures, and controls to safeguard critical assets.

  • Strong organizational and project management abilities, with the capacity to juggle multiple tasks while effectively managing stakeholders.

  • Demonstrated experience in setting clear expectations and delivering results with professionalism, self-motivation, and integrity.

  • Exceptional analytical skills, with the ability to translate complex security concepts into actionable strategies and communicate them effectively.

  • Excellent communication skills, both verbal and written, with the ability to clearly convey security and risk concepts to technical and non-technical stakeholders alike. Strong interpersonal skills are a must.

Benefits and Perks:

  • Enhanced Parental Leave

  • Private Health Insurance Cover

  • Professional Development Opportunities

  • Annual Wellbeing Allowance

  • New Joiner home working set-up allowance

  • Additional Paid Leave: Birthday off, working days between Christmas and New Year's Eve