IT Governance, Risk

Competitive salary package including up to 17% superannuation
- 2 x Full time positions available
- Be a driving force in safeguarding the success of our thriving IT business area

**Job Reference: 1192834**

**Digital & Technology Solutions (DTS)**
***
Are you driven by the excitement of navigating the ever-evolving landscape of technology and innovation while ensuring robust governance and risk management practices?

Our Digital & Technology Solutions (DTS) team are harnessing the power of leading platforms such as Amazon Web Services (AWS), Microsoft, and ServiceNow to deliver cutting-edge digital experiences for our students and staff. This is an opportunity to be at the forefront of shaping the future of education while safeguarding against potential risks, ensuring the seamless integration of cutting-edge technologies into our strategic vision.

If you enjoy technology, transformation, continual innovation, and change, we extend a warm invitation for you to join our forward-thinking team. Be a driving force in our journey of evolution at Curtin University

**Your new role**
***
We have two opportunities available (both fixed term and permanent) for **IT Governance, Risk & Compliance Specialists **to join our agile **Digital & Technology Solutions** team.

As an **IT Governance, Risk & Compliance Specialist**, you will support the execution of strategic initiatives within DTS by embedding a strong proactive risk culture and acting as a trusted advisor to the management and leadership team.

We are seeking an expert who is passionate about cyber risk management and can drive our processes, as we advance and mature our practices. You will be committed to continuous improvement and host the ability to identify opportunities for improvement and implement effective change.

**What you will be doing**:

- Conduct Governance Framework audit and assurance activities to ensure continued fitness for purpose and capturing improvement opportunities.
- Conduct detailed risk assessments, maintain a risk register, identify potential risk treatments, and coordinate and monitor implementation plans.
- Work with the relevant areas to review their functions and identify their risks and controls and recommend risk management and improvement opportunities.
- Develop and maintain the IT Risk Management Tool across the entire DTS functions and work with management to identify, document, track and resolve issues.
- Identification, evaluation, and testing of IT key controls by conducting process walkthroughs, gathering evidence, interpreting data and documenting test plans and results.
- Coordinate major IT Incident Response activities, including delivering of training, updating of procedures and development, facilitation and presentation of tabletop scenarios.
- Development and maintenance of the DTS business continuity framework including Business Impact Analysis, Business Continuity Plan and Disaster Recovery Plan and procedures.
- Prepare updates when required on audit remediation status to Curtin’s Internal Auditors and the Audit, Risk and Compliance Committee (ARCC).

**You will bring to the role**:
**Essential**:

- Extensive experience and management expertise in the following fields: IT Risk Management, IT Audit and Assurance.
- Knowledge of IT governance standards (ISO 31000, ISO 27001/2/5) frameworks and approaches, including understanding of IT risk and control environments (risk and control identification, assessment, tracking and remediation) with proven experience with operational and compliance risks in a technical environment.
- Experience with COBIT frameworks.
- Strong interpersonal, verbal, and written communication skills and proven ability to liaise professionally with multiple stakeholders.
- Demonstrated high level conceptual, analytical, and problem-solving skills with the ability to analyse and evaluate the impact of strategic technology issues on organisational operations and initiate appropriate responses and recommendations.

**Desirable**:

- Cyber Risk/Cyber Privacy practitioner experience, e.g. CISA, CRISC, CGEIT, CISM, ITIL, CCSP, CISSP and/or other IT Risk related certifications.
- IT Project Management experience.
- Experience with the ServiceNow GRC Module.
- Knowledge and understanding of cloud-based environments and ability to contextualise to risk management and disaster recovery.
- Experience reviewing and implementing COVID 19 response plans is highly advantageous.

To learn more about this opportunity, please contact **Michael Kelly**:
If you are seeking a role that offers competitive benefits, great work life balance and continuous learning opportunities within an innovative environment, we invite you to join us

**About us**
***
We are an energetic, dedicated team of academics and professionals working together to provide global solutions through quality graduates and innovative research. Curtin is a welcoming space where integrity, respect for one another, courage, excellence, a