Governance, Risk and Compliance Manager
OIF Ventures
Legal
Sydney NSW, Australia
Posted on Feb 26, 2026
Note: We're happy for this role to be based in Sydney or Melbourne (hybrid, 3 days in office per week)
Who We Are
estateXchange is taking the complexity out of deceased estate administration.
Trusted by Australia’s leading lawyers and corporates, we provide a secure, scalable platform that transforms the administration of deceased estates and superannuation death benefits.
Founded by Sarah Poole (ex-NAB) and Marielle Yeoh (ex-PEXA), estateXchange is modernising an industry long defined by paper-heavy processes and slow, fragmented systems.
Backed by leading investors including Macquarie Capital, Little Group, OIF Ventures and prominent Australian business leaders, we’re building the category-defining platform for Australia’s $5.4T intergenerational wealth transfer.
The difference you’ll make
Security and compliance aren’t afterthoughts here - they are foundational to our credibility and growth.
Our customers are regulated financial institutions. Their trust in our security posture underpins every commercial conversation.
As our GRC Manager, you will own and evolve our Governance, Risk & Compliance programme end-to-end. You’ll be the person our enterprise customers speak to about security. You’ll ensure we stay ahead of compliance obligations, maintain industry-recognised certifications, and continue building a security culture that scales with us.
This is a genuine ownership role in a scaling, high-impact environment.
What You’ll Do
Compliance Programme Leadership
- Own and run SOC 2 Type 2 and ISO 27001 audit cycles end-to-end (evidence coordination, auditor liaison, remediation tracking)
- Maintain and evolve our Information Security Management System (ISMS)
- Design, implement and uplift GRC policies and practices
- Drive continuous improvement across compliance maturity
- Lead responses to enterprise security questionnaires and due diligence processes
- Maintain standard security documentation and policy references
- Act as a key point of contact for customers on security posture
- Manage third-party vendor risk assessments
- Build and mature our enterprise risk management framework
- Oversee business continuity, disaster recovery and incident response readiness
- Strengthen AI governance controls and security oversight
- Partner with Engineering on secure SDLC practices and infrastructure security
- Work closely with the Head of Engineering on secure architecture decisions
- Partner with IT Operations on access management, vulnerability management and evidence collection
- Support Sales and Legal across the procurement lifecycle
- Help shape and embed a security-first culture across the organisation
- 5 - 10+ years in GRC, ideally within a SaaS / cloud-native environment and/or a large financial institution
- Deep, hands-on experience running SOC 2 and ISO 27001 programmes (not just exposure - ownership)
- Experience using compliance automation platforms (Vanta preferred, Drata or similar)
- Strong experience responding to enterprise security questionnaires (ideally financial services clients)
- Working understanding of AWS environments and SaaS architectures
- Excellent communication skills - comfortable representing our security posture to enterprise stakeholders
- Thrives in ambiguity and enjoys building systems from the ground up
- Mission-driven, pragmatic, and solutions-oriented
- Experience in regulated industries (financial services, fintech, superannuation, legal tech)
- Experience building or scaling GRC functions in high-growth startups
💪 Proven Platform: Trusted by major corporates with enterprise-grade security and performance
🧠 Proven Team: Join a team with deep expertise in deceased estates and industry digitisation
🎯 Elite Backing: Supported by some of Australia’s most influential investors
🚀 Female Founders: Work alongside visionary leaders breaking barriers and reshaping an entire industry
📈 Massive Growth Potential: Be part of a category-defining company supporting Australia’s $5.4T intergenerational wealth transfer
🛠️ Modern Tech Stack: Django, React, AWS, Celery - production-grade and ready to scale
💰 Competitive Package: Attractive salary and potential to develop your role in a high-growth company
🌱 Culture That Matters: Collaborative, transparent, mission-led. We move fast, build smart, and celebrate impact
What’s next?
We’re partnering with estateXchange (an OIF Ventures portfolio company) to appoint this role.
If this sounds like you, apply directly or reach out to Pam Stevenson at pamela@oifvc.com for a confidential discussion.