Business Analyst - Protecht GRC Specialist

Job Requisition Number: 13423

Date: 13 Oct 2025

Location:

NSW, AU

Will you actively create a healthier future for tomorrow? 

At Medibank we’re encouraged to think big. We have a clear purpose to impact better health outcomes for our customers, patients and our community. We celebrate diversity of thought because we want to make better decisions for our customers. As we work towards our goal of better health for better lives, we value the knowledge and contribution of Aboriginal and Torres Strait Islanders. We are working hard to create an inclusive workplace and develop Indigenous careers.

Medibank has bold 2030 Vision to deliver the best health and wellbeing for Australia increasingly relies on succeeding in Digital. Digital platforms and engineering services will be a critical enabler for future health and insurance experiences we deliver to our customers. The current Digital platforms have strong capabilities but for us to win in the context of 2030 vision, our digital assets will need to be reimagined and further evolved that is scalable, increases agility and accelerate solution delivery with improved security posture. 

About the Role

We’re seeking a highly skilled Specialist Business Analyst with strong technical expertise in Protecht GRC systems to support the uplift of Medibank’s Compliance Management Framework and clear a critical backlog of work. This role will focus on configuring, administering, and optimising our GRC platform to ensure robust compliance and reporting capabilities.

Key Responsibilities

You’ll work closely with senior stakeholders, risk teams, and technical experts to:

Develop and configure the GRC system to support components of the Compliance Management Framework (e.g., Incident Management, Obligations Management, Oversight and Assurance).
Administer the GRC system, including:
- Creating and revoking system access.
- Maintaining system registers and performing general maintenance.
- Communicating upgrades and changes.
- Engaging with system vendors as needed.
Manage vendors engaged for GRC-related project work, including:
- Budget oversight.
- Invoice management.
- Delivery of projects.
Build reports and dashboards for all levels of staff to enable autonomous access to compliance and risk information.
Design or re-design registers within the GRC system to meet evolving business needs.

Core Activities Include:

Cleaning up and optimising the back end of the GRC system.
Managing broken processes and ensuring system integrity.
Partnering with internal teams and senior leaders to validate requirements and deliver solutions quickly.

What You’ll Bring:

3–5 years of experience working with GRC systems (Protecht experience highly regarded).
Strong technical capability to configure and manage GRC platforms.
Understanding of risk and compliance frameworks.
Excellent stakeholder engagement and communication skills.
Ability to work independently and deliver results under tight timelines.

A career with us

At Medibank, we believe work is something we do, not somewhere we go. Our modes of working – Collaboration, Connection and Concentration – help inform how your day is structured and where you choose to work will vary, depending on your role and requirements.  

The wellbeing of our employees is our priority. We encourage you to talk to us about any additional support you may require during the recruitment process, as well as how this role can be flexible for you. We encourage applications from candidates with a disability, if you require any adjustments or alternate formats of key information at any stage of the recruitment process, we welcome hearing from you.