Head of Group IT Risk

Overview

At Metcash, you’re part of something bigger. We’ve got the heart of a small business with the strength and support of a big business. When you join Metcash, your work makes a real difference to independent businesses and local communities, empowering you to:

- Grow your career with tailored development programs
- Make your mark in a high-performing, values-led team
- Thrive your way with flexible work options

About the Opportunity

We’re seeking a Head of IT Risk to lead and strengthen our approach to IT, cyber security, and resilience risk across the Metcash Group. This pivotal role goes beyond compliance — it’s about building trust, enabling innovation, and ensuring our business continues to operate securely and effectively in an ever-evolving digital landscape.

You’ll be the guardian of our IT governance, risk, and compliance (GRC) framework, partnering with leaders across all lines of business to identify, assess, and mitigate risks. From embedding risk metrics into executive dashboards to steering third-party risk strategies and leading audit coordination, you’ll have a direct impact on protecting our people, our customers, and the communities we serve.

This is a senior leadership role with visibility at the highest levels of the organisation. You’ll work hand-in-hand with the Group CIO, CISO, senior executives, and the board, providing insights that shape strategic, risk-based decisions.

In this Role, You Will:

- Lead the design and execution of IT, cyber security, and resilience risk management, aligned with the Group’s overall risk appetite.
- Establish frameworks, policies, and controls that strengthen compliance with industry standards and regulatory requirements.
- Develop and report key risk indicators (KRIs) and metrics, ensuring executives have the clarity they need to make informed decisions.
- Partner with business units, platform teams, and Group SteerCos to align risk strategies and ensure accountability.
- Serve as the key contact for internal and external auditors, ensuring findings are captured, tracked, and remediated.
- Build and execute strategies to manage vendor and service provider risks, from due diligence through to ongoing oversight.
- Grow and mentor the IT Risk team, fostering a culture of proactive risk awareness and continuous improvement across the business.
- Provide leadership during IT incidents, ensuring lessons learned translate into stronger controls and resilience.

You’re Likely a Match If You Have:

You’re a trusted leader who can see the bigger picture without losing sight of the details. You balance technical expertise with strong business acumen, and you thrive in environments where you can influence, challenge, and partner with executives to create meaningful impact.

You’ll bring:

- Proven experience leading IT risk management in a large, complex organisation.
- Strong knowledge of frameworks such as ISO 31000, NIST CSF, Essential 8, and COBIT.
- Experience implementing and maintaining IT GRC systems, risk tooling, and executive dashboarding.
- Demonstrated success in third-party/vendor risk management and SLA oversight.
- Relevant certifications such as CRISC, CISA, CISM, or CISSP.
- Excellent communication skills — able to translate technical risk into plain language for executives and boards.
- A collaborative leadership style that inspires teams and drives cultural change.
- Resilience under pressure, with the ability to act decisively during incidents.
- Experience in logistics, supermarkets, retail, wholesale, or critical infrastructure industries.

What’s on Offer

- Extra Leave: 5th week of annual leave, 2 well-being days, 1 volunteer day
- Career Growth: Endless learning and development opportunities
- Parental Leave: 12 weeks of gender-neutral paid leave for primary carers
- Inclusive Culture: Bronze Employer for LGBTQ Inclusion
- Neutral Pay Gap: Gender pay gap under 5% (WGEA 2024–2025)
- Mental Health: Gold accreditation by Mental Health Australia
- Flexibility: Flex Ready and Family Friendly Workplace accredited

About Us

Metcash is Australia’s leading wholesale distribution company, with $19.5 billion in sales (FY25) and a proud spot in the ASX Top 125. We believe in the power of independent, family-owned businesses to shape vibrant communities. Through our food, liquor, and hardware pillars, we help retailers become the ‘Best Store in Their Town’ by providing merchandising, operational and marketing support. We’re committed to diversity, inclusion, and sustainability — and we welcome applicants from all backgrounds, including First Nations. If you need support during the application process, just let us know. Your privacy and dignity are always respected.

Join us and be part of something bigger

#J-18808-Ljbffr