IT Cyber Risk Management Professional

IT Cyber Risk Management Specialist

We are seeking a highly skilled IT Cyber Risk Management Specialist to join our team. In this role, you will be responsible for providing independent oversight and expert advice on technology and cyber risks across the organisation.

This is an exciting opportunity to shape and uplift cyber risk management in a changing regulatory environment. You will work closely with senior stakeholders and advance your career at our company. We are open to considering candidates from a wide range of backgrounds, including Line 1/2/3 Risk, professional services or strong operational experience in Technology and Cyber.

• Provide independent oversight, effective challenge, and expert advice on technology and cyber risks across the organisation as a Senior Manager in the Line 2 IT & Cyber Risk Advisory team.
• Support the Chief Information Security Officer (CISO), Chief Risk Officer (CRO), and senior business stakeholders in managing risk within appetite and regulatory expectations.
• Provide Line 2 oversight and challenge of the enterprise's IT and cyber risk management practices.
• Act as a trusted advisor to the business, technology, and cyber security teams on emerging risks, control effectiveness, and risk mitigation strategies.
• Independently assess the adequacy and effectiveness of IT and cyber controls.
• Review and challenge key risk and control assessments, risk acceptance decisions, and IT/cyber components of material change programs.
• Support the ongoing implementation and uplift of the enterprise risk management framework, focusing on IT and cyber domains.
• Contribute to Line 2 risk reporting to senior executives, Board Risk Committees, and regulators.
• Collaborate with Line 1 Technology, Cyber Security, and Business Units to uplift risk maturity.
• Lead Line 2 risk reviews or deep dives into high-risk IT environments or significant incidents.

The successful candidate will have:

• Experience in IT risk, cyber risk, internal audit, and/or technology assurance roles, preferably in the Financial Services industry.
• Strong knowledge of regulatory frameworks such as APRA CPS 234, CPS 230, CPS 231, NIST, ISO 27001/2, COBIT, and/or ITIL.
• Highly collaborative, with excellent communication skills and ability to influence senior stakeholders.
• Ability to balance commercial acumen with risk stewardship.
• Prior experience in a Line 2 Risk role or relevant consulting/advisory experience highly regarded.
• Tertiary qualifications in Information Technology, Cybersecurity or Risk Management and relevant certifications preferred (e.g. CISM, CRISC, CISSP, CISA).

In addition to a competitive salary and benefits package, you will also receive:

• Access to our Employer Super fund, which offers an expansive investment menu and flexible insurance solutions.
• Support with financial services, including discounts on home loans and daily bank accounts through our partnership with a leading financial institution.
• Access to 24/7 confidential support covering safety, medical and mental health services.
• Life Leave - 3 days per annum to focus on your wellbeing or celebrate a special event.
• Exclusive discounts on retail, travel and entertainment.
• Additional leave day to celebrate your birthday.

We are committed to creating a thriving environment where individuals can flourish. We believe that success is built upon strong teams, and we are dedicated to celebrating uniqueness, championing individuality and supporting a diverse and inclusive workforce.

Please note, we require all candidates to have full work rights in Australia.

Where we have preferred candidates, background checks (including Police, Employment, Bankruptcy checks, ASIC banned and disqualified persons) will be completed prior to the final preferred candidate's employment being confirmed.