GRC Manager

Who are Web Travel Group

The Web Travel Group, an ASX 200 listed company (ASX: WEB), is a global B2B organisation servicing the travel industry by connecting hotels and other travel sellers to a diverse network of travel buyers worldwide through our trade-only digital travel marketplace, WebBeds.

In September 2024, we changed our name from Webjet Limited to the Web Travel Group as part of a demerger. The Webjet Group (Webjet B2C - comprising Webjet OTA, GoSee, Trip Ninja) demerged from the Web Travel Group, creating two independent companies, allowing us to pursue independent strategic priorities and growth agendas relevant to each business.

Find out more about the Web Travel Group at:

How will you make an impact

Join Web Travel Group as a GRC Consultant and take the lead in shaping and strengthening our compliance and security frameworks. You will play a key role in programs such as PCI-DSS, ISO 27001, and NIST CSF. Your responsibilities will include managing audits, conducting risk assessments, and supporting policy development to ensure our compliance posture remains strong and future-ready.

Key elements of the role include:

• Maintain and lead our compliance programs, including PCI-DSS, ISO 27001, NIST CSF, etc.
• Manage audit programs and liaise with third-party auditors.
• Conduct risk assessments and gap analyses to identify threats to our organization.
• Select and implement appropriate compliance tools to manage our programs.
• Facilitate third-party risk management, vendor due diligence, and contract compliance.
• Support the development of security and compliance policies and procedures.
• Monitor and report on key risk indicators (KRIs), compliance metrics, and audit findings.
• Stay current on emerging regulatory trends and best practices in risk and compliance.
• Follow up with stakeholders on open risks and ensure appropriate mitigations are in place.

The skills we would love to see in your suitcase!

• Bachelor's degree in a related field such as Commerce, IT, Information Security, Risk Management, or Finance.
• At least 2 years of knowledge of frameworks such as:
  • ISO 27001 / 31000
  • NIST CSF
  • PCI-DSS
• Strong analytical, writing, and presentation skills.
• Ability to manage multiple projects and interact with both technical and non-technical stakeholders.
• Professional certifications like CISA, CRISC, ISO Lead Auditor/Implementer are preferred.
• Consulting experience is a plus.

Why choose us as your next destination

We are proud of our dedicated team of friendly, energetic, and passionate professionals. Our people are key to our success, and everyone at WebBeds has a unique role to play as we continue to grow.

Our diverse workforce speaks over 50 languages, and whether working from offices in Dubai, London, Johannesburg, or Buenos Aires, we share a common goal: to take pride in our work and deliver unbeatable service and support to our partners.

• International, highly skilled team from around the globe
• Dynamic environment with opportunities to influence and drive change
• Market leader in a fast-growing, disruptive travel industry
• Culture built on collaboration, empowerment, and innovation

Find out more about WebBeds at - #LI-Hybrid