About LEAP
LEAP is the leading provider of Legal Practice Management Solutions in the world and is part of ATI – one of the largest international LegalTech companies. For more than 30 years, our curiosity and commitment to continual improvement has kept us reimagining productivity tools for lawyers and their staff to support our guiding purpose, to ‘Help lawyers who help people’. The market-leading software we develop, and support is used by more than 71,000 lawyers and their staff in small and medium-sized law firms.
Working alongside our international team of passionate high achievers, you’ll join a fast-growing technology business where things seldom stay the same for long. With more than 1000 smart, caring and ambitious ‘LEAPsters’ working together across Australia, Canada, the United States, the United Kingdom, the Republic of Ireland, Poland and New Zealand, you’ll find yourself in good company here.
What you'll do
We are looking for a GRC Analyst to support our Governance, Risk and Compliance function.
This role is ideal for an early‑career professional with a strong interest in information security, privacy, and regulatory compliance, particularly within technology and legal services.
You will work closely with senior security, privacy, legal, and engineering stakeholders to help maintain and improve our compliance posture, risk management activities, and internal controls aligned to Australian and international standards.
Working alongside the broader security team and reporting directly to our GRC Manager, you’ll collaborate with stakeholders across LEAP to ensure alignment on priorities and outcomes.
To make this happen, you will:
What you'll bring
You are the type of person who
LEAP is an inclusive, people-first company committed to breaking down institutional barriers that keep people from reaching their potential. If you meet some, but not all the requirements above, we encourage you to still submit your application.
Why join LEAP?
1. ISO 27001:2022 - Internal Auditor or Implementer or Lead Auditor
2. Solid understanding of information security principles, risk management concepts, and control frameworks
3.Demonstrated experience supporting ISO 27001 and/or SOC 2 audit processes, including evidence collection, audit coordination, and remediation tracking.
4. Maintain and manage risk registers, including tracking risk treatment actions and reporting on status
5. Good capability in developing and maintaining GRC documentation, including policies, procedures, business continuity (BCP), disaster recovery (DR), and security controls.
6. Experience supporting third-party/vendor risk management, including conducting security assessments and reviews.
7. Ability to respond to client security questionnaires and support customer assurance activities
8. Strong stakeholder engagement and communication skills, with the ability to work cross-functionally with security, legal, Cyber, IT and engineering teams
Sign in to browse authentic reviews, anonymous ratings and salary data before you apply.