Technology Risk Governance

When you join ASX, you're joining a company with a strong purpose – to power a stronger economic future by enabling a fair and dynamic marketplace for all.

In your new role, you'll be part of a leading global securities exchange with a strong brand. We are known for being a trusted market operator and an exciting data hub. 

Want to know why we are a great place to work, click on the link to learn more.

The ASX team brings together talented people from a diverse range of disciplines. 

We run critical market infrastructure, with 1 in 3 people employed within technology.  Yet we have a unique complexity of roles across a range of disciplines such as operations, program delivery, financial products, investor engagement, risk and compliance.

We're proud of the diversity of our organisation and the culture of inclusion that all our people help to build every day. Our employee-led groups are known for celebrating cultural and religious events, championing LGBTIQ+ inclusion (recently achieving AWEI Bronze), inspiring giving and volunteering, promoting gender equality, and wellbeing.  We are an Employer of Choice for Gender Equality (WGEA) and a member of the Champions of Change Coalition for the advancement of gender equality in Australia. 

Your Team:
The ASX Technology division plays a pivotal role in shaping our enterprise technology strategy and ensuring the seamless operation of IT environments across all divisions and lines of business. The Technology Business Management & Strategy team partners with Technology teams to drive effective risk management, strategic planning, governance and performance outcomes.

Within this team, the Technology Risk function plays a critical role in supporting Line 1 ownership of risks, delivering risk insights, and uplifting control effectiveness across ASX Technology. We work closely with framework and control owners, the Technology extended leadership team, tech SMEs, and other risk counterparts across all three lines of defense, to embed practical, risk-informed decision-making across ASX.

Your responsibilities:

• Design and maintain divisional Technology Risk metrics and reporting frameworks, including definitions, thresholds, and aggregation logic aligned to the Enterprise Risk Framework.

• Build and maintain governance dashboards and reporting packs that consolidate risk and control data from multiple sources, enabling meaningful insights and trend analysis.

• Lead coordination and facilitation of divisional Technology Risk governance forums, enabling clear insights, actions, and escalation
  of key themes.

• Partner with portfolio managers, control owners, and Enterprise Risk to streamline reporting cadence and improve the traceability
  between system data, commentary, and decision-making.

• Analyse risk and control data to identify emerging trends, themes, and exposures, and translate these into actionable insights and commentary for management, board, and regulator reporting.

• Serve as a key input to the Enterprise Risk Transformation initiatives including risk reporting, frameworks and systems, ensuring divisional data and reporting align with future enterprise design while maintaining practical, tactical value now.

• Document and maintain divisional governance artefacts (templates, data dictionaries, reporting standards) to ensure consistent use and reusability of content across reporting cycles.

• Drive continuous improvement and automation of risk reporting, leveraging tools such as Power BI, Excel, and ServiceNow to reduce manual effort and uplift data quality.

Your experience and qualifications
Must have:

• 8 + years' experience in Technology Risk, Assurance, Governance, or Risk Data Analytics roles.

• Demonstrated experience designing or managing risk reporting and governance processes.

• Strong analytical and technical skills, including proficiency in Power BI, Excel, GRC platforms.

• Ability to interpret complex data and craft clear, concise, and action-oriented insights for various audiences.

• Excellent communication skills, capable of engaging confidently with technical and non technical stakeholders and contribute to written reports.

• Solid understanding of technology risk and control concepts, such as IT general controls, change and incident management, cyber risk fundamentals

• Strong stakeholder engagement and facilitation skills to help others define and use the right metrics.

Nice to have:

• Experience supporting risk transformation or reporting standardisation initiatives.

• Knowledge of data storytelling and visualization best practices for risk and performance audiences.

• Familiarity with regulatory reporting expectations in financial services or critical infrastructure contexts.

• Exposure to automation or workflow optimisation for risk and control processes.

• Relevant certifications (e.g. CISA, CRISC, ITIL, or data-visualization credentials such as DA-100).

We make hiring decisions based on your skills, capabilities and experience, and how you'll help us to live our values. We encourage you to apply even if you don't meet all the criteria of this role. If you need any adjustments during the application or interview process to help you present your best self, please let us know.

At ASX Group, our diverse workforce is essential to build and maintain a fair and dynamic marketplace. We support flexible working and offer hybrid working options. Even if our roles are advertised as full-time, we encourage you to apply if you are interested in part-time or other flexible working arrangements.

We will arrange for successful candidates to have background checks, including reference and police checks completed as part of the on-boarding process.