Senior Information Security Compliance Analyst

We're looking for a technically-grounded Senior IS Compliance Analyst who speaks both security operations and compliance language fluently. This role sits at the critical intersection of technical security and governance, requiring someone who can translate complex security architectures into compliance frameworks and vice versa.

You'll be instrumental in assessing and integrating newly acquired companies into our security and compliance ecosystem, while also serving as a technical liaison for customer security assessments. This isn't a checkbox compliance role — we need someone who understands how security controls actually work under the hood.

• Lead technical security assessments and integration of acquired companies, mapping their security architectures and controls to our GRC frameworks, identifying gaps, and building remediation roadmaps that address both technical security and compliance alignment
• Bridge technical security and business stakeholders by evaluating risks through a technical lens, working alongside security engineering teams to translate GRC requirements into practical security measures, and communicating effectively across technical and non-technical audiences
• Develop and harmonize security policies and control frameworks across acquired entities, ensuring they're both audit-ready and operationally sound, while translating between technical security requirements and governance documentation
• Own customer security questionnaire responses by leveraging your hands-on security background to provide detailed, accurate answers and collaborating with infrastructure, application security, and operations teams to gather technical evidence
• Drive continuous improvement of our GRC program through technical security enhancements, meaningful security and compliance metrics, and process improvements that increase both control effectiveness and operational efficiency.

• Hands-on experience in technical security roles such as Security Operations, Incident Response, Security Analysis, penetration testing, or similar
• Practical knowledge of security tools, SIEM platforms, vulnerability management, and security monitoring; and ability to read and understand security logs, configurations, and technical documentation
• 6+ years of total experience with significant time in GRC
• Working knowledge of ISO 27001, NIST frameworks, SOC 1/2, and GDPR requirements
• Experience developing and implementing information security policies and controls
• ISO 27001:2022 Lead Implementer and Lead Auditor certification
• CISSP, CISM, CISA, or CRISC certifications – desirable

You're someone who gets excited about digging into technical security architectures but also understands why compliance frameworks matter. You can have deep technical conversations with security engineers in the morning and explain compliance requirements to business leaders in the afternoon. You're detail-oriented but don't lose sight of the bigger picture — securing the business while maintaining operational agility.

We're not just offering a role — we're inviting you to be part of a team that's genuinely transforming how global trade operates. You'll work with cutting-edge technology, collaborate with talented technical and security teams, and have the autonomy to make meaningful impact. If you're a technical security professional who's moved into GRC/Compliance and want to leverage both skill sets, this is your opportunity to do work that matters.

From time to time, WiseTech Global may use an external service provider to assess applications on our behalf. Accordingly, by applying for this role and providing your personal information to WiseTech Global, you consent to WiseTech Global providing this information to our external service providers who are required to treat such information with strict confidentiality in line with privacy and data protection laws and regulations.