Technology Risk and Compliance Manager

1 week ago


Melbourne, Australia McMillan Shakespeare Full time

The McMillan Shakespeare Group (MMS) is a trusted provider of salary packaging, novated leasing, disability plan management and support co-ordination, asset management and related financial products and services. From our origins in 1988 when we created Australia’s salary packaging industry to today, MMS has a proud history of innovation and exceptional service.

Through our subsidiaries, we offer a breadth of services and expertise designed to responsibly deliver superior long-term value to our clients and customers, which include Federal and State governments and some of the largest public and private sector, health and charitable organisations.

The Manager Technology Risk & Compliance role can be done from Adelaide, Brisbane, Melbourne or Sydney and is a paternity cover for 6 months full time that may extend to one year.

MMS has a number of compliance obligations imposed by the regulatory and contractual environment in which we operate. The Manager Technology Risk & Compliance leads the analysis and monitoring of, and strict compliance with, internal, audit and contractual policies and controls in relation to the delivery of governance over digital and traditional on-premise services. A key component of the role is education and awareness, ensuring staff and 3rd parties are abreast of the requirements in order to meet this compliance.

The Manager Technology Risk & Compliance is responsible for direct control of security-owned controls and compliance obligations, in addition to stakeholder management and leading oversight governance of first line of defense teams and their roles in monitoring, analysing and executing security governance controls. The manager must develop a strong working relationship with IT functional teams and business stakeholders to ensure baseline security requirements are met and assets remain protected within these functional areas, and that non-compliance is escalated where it exists.

The Manager Technology Risk & Compliance is also responsible for keeping abreast of legislative, compliance and security industry changes as they relate to MMS business whilst developing, maintaining and reporting risk management frameworks that aim to protect the confidentiality, availability and integrity of group assets including data.

The Role:

- Map existing contracts against security standards identifying potential gaps in compliance and for input into the information security policy and standards
- Manage and lead internal and external audits end to end being the technology authoritative source and focal point whilst ensuring relevant artefacts are sourced and provided in a timely manner
- Evaluate cyber-security standards including NIST, ASD Essential 8, ISO27000 and PCI DSS for alignment with internal frameworks
- Ensure internal security standards, policy, audit and contracted security requirements are communicated across the business and with 3rd Parties
- Ensure 3rd parties comply with all relevant due diligence obligations and provide regular attestations
- Manage the cyber-security education, training and awareness program and educate employees in security best practices
- Periodically conduct security reviews and workshops to report business effectiveness in meeting documented standards, controls and compliance to contractual or policy objectives
- Lead, steer and oversee the Information, Communication and Technology Risk management framework
- Conduct regular risk assessments and workshops to ensure risks to the organisation are assessed and understood, and are fed back to stakeholders to ensure the continued effectiveness of the risk management strategy
- Manage and improve the risk posture, contribute and evaluate solutions for remediating or mitigating risks and assess residual risks
- Work with all stakeholders to educate and identify controls and compliance requirements that are applicable
- Undertake contract and 3rd party security reviews, providing guidance and checklists to support business risk decisions
- Generate security metrics and provide regular reports on security compliance performance to technology management and risk and audit committees
- Lead and prepare Crisis management testing and response exercises and relevant reporting
- Respond to information security incidents
- Lead, maintain and develop incident response processes and procedures when new threats to the organisation arise
- Be an active participant in incident management to support controlled and coordinated responses
- Develop security policy and standards, and develop processes and procedures for evaluation and exemption where required
- When necessary, prepare Post Incident Reviews
- Any other security risk and compliance initiatives, as requested.

You will bring:

- 5-10 years' experience in IT Security and Risk Management
- Experience with legal and regulatory obligations such as the Australian Privacy Principles
- Supply chain risk management and assessments including 3rd party security risk assessments
- Experience


