Technology Assurance Risk

**About the role**

As the **Technology Assurance Risk & Compliance Lead** you will be responsible for the management and delivery of the ISMS across NHVR with consideration of technology risks associated to Cyber Security. Leading the Technology Assurance, Risk & Compliance team you will help to grow a security aware culture across the regulator, while ensuring that appropriate risk management considerations are applied.

Reporting to the Director Technology Commercial & Assurance, you will solve complex problems and balance getting innovative business solutions to market whilst managing risk. You will ensure the NHVR’s vendor ecosystem is properly evaluated, assessed and managed to minimise risk exposure and risk impacts to the business.

**Key responsibilities of this role are**:

- Supervise the Cyber Technology Governance processes to ensure that NHVR’s enterprise-wide security program responds appropriately to the changing threat environment and external obligations
- Ensure the Technology Assurance, Risk and Compliance (GRC) system is designed and operating effectively - empowering the user experience and moving the organisation towards a more dynamic, automated and data driven assessment of risk
- Determine, plan and build a Technology GRC team, ensuring that capability and resource is applied effectively to manage NHVR’s Information Security Risk position
- Provide advice and leadership in relation to the NHVR’s risk profile, emerging risks and better practice risk and compliance management, with a particular focus on technology and cyber risks
- Proactively manage Cyber Security Risk and ensure that ongoing issues are identified and resolved, and/or projects are planned to correct underlying issues
- Produce and deliver regular reporting through to the Director Governance Risk and Assurance on NHVR’s Cyber Security Risk position for consumption by the Executive Leadership Team, Audit & Risk Committee and Internal Audit
- Lead compliance reporting and audit processes as required
- Own relationships with cyber security IT partners with the support of Procurement

**About You**
- 5+ years’ experience within Information Security roles
- Experience in designing and implementing Information security programs, policies, and procedures, in enterprise environments
- Knowledge of Information Security frameworks and standards including ISO 27001, NIST, ASD Essential 8
- Experience managing and running a robust Vendor Security Risk Assessment process using SIG templates
- Strong interpersonal and people management skills to build effective, sustainable relationships

**Why join us?**

The National Heavy Vehicle Regulator (NHVR) commenced operations in 2013 as the national entity responsible for regulating all vehicles in Australia over 4.5 tonnes gross vehicle mass. The NHVR minimises the compliance burden on the heavy vehicle transport industry, reduces duplication and inconsistences across state and territory borders, and ultimately for the heavy vehicle business with government in Australia.

We are headquartered in Brisbane and employ more than 1000 people across the ACT, New South Wales, Queensland, South Australia, Tasmania and Victoria.

**We offer**
- A competitive salary package of **_$141,018_**_ + superannuation _
- _Monthly RDO_ and paid leave over Christmas closure
- Hybrid working environment - up to 2 days from home
- Up to14.5% superannuation through a co-contribution scheme
- Leave loading 17.5%
- Wellbeing programs - discounted fitness through Fitness Passport, Discount health insurance, flu vaccine, financial programs including discounted banking products, finance information sessions
- Salary packaging options including novated lease
- Discounted IT products including Microsoft and free family password security plan
- Ongoing training and professional development support
- Professional membership

**Application Process**

Successful applicants will be required to complete standard pre-employment checks including a national police and work rights check.