THE ROLE & RESPONSIBILITIES

As the IT Governance & Compliance Manager you will be responsible for the review, establishment, and ongoing strategy of IT GRC across the organisation and its sub-companies/funds.

This is a newly created role for the organisation, meaning you'll have the opportunity to make the role your own and shape how IT GRC is managed.

Full time in office role.

Key elements of the role include:

IT Governance, Strategy, and Solutions:

• Establish IT governance, strategy, and solution processes across the entire group and all sub-companies/funds.
• Design GRC solution architecture and enterprise architecture for group-wide initiatives.
• Manage the IT security reviews, audits, and testing requirements across the group.

Risk and Compliance:

• Assume full responsibility for IT compliance-related activities across the group.
• Establish risk and compliance services to ensure adherence to SOCI and other relevant regulations (ASD8, NIST, ISO Standards).
• Deliver IT-related regulatory reporting requirements for the entire group.
• Maintain OT resilience and risk management across all sub-companies/funds.
• Develop and deliver training programs to ensure that all employees are aware of IT governance, compliance, and security policies and procedures.

Policy Management:

• Work with technology teams to develop, update, implement, and enforce IT policies and procedures to ensure compliance with industry standards and regulations.
• Update, maintain and test business continuity, disaster recovery plans to ensure the group can continue operations in the event of a disruption.
• Performance Monitoring and Reporting: Monitor and report on the performance of IT governance, compliance, and security initiatives to senior management and the board.

REQUIRED EXPERIENCE, KNOWLEDGE, PERSONAL QUALITIES

Suitable for an experienced IT Governance, Risk & Compliance professional with proven experience establishing, implementing, and improving IT GRC functions, ideally within complex organisational structures.

Someone hands-on and adaptable who thrives in fast-paced environment, understands technology, and can think, absorb, and question to proactively contribute.

Required background & experience:

• Proven IT Governance, Risk & Compliance experience - review and implementation of robust IT GRC frameworks
• Experience implementing Third-Party IT Risk frameworks.
• Experience with the development of unified IT compliance reports.
• Demonstrate competent knowledge/expertise with IT compliance frameworks e.g. ASD Essential Eight, NIST, ISO standards etc.
• Well-developed IT Audit & Risk Management background.
• Industry and/or consulting experience can both be considered.
• Ability to anticipate future compliance requirements and guide the business accordingly.
• Relevant certifications - e.g. CISSP, CISM etc.
• Comfortable with a full time in office role.

This is full time permanent role located in the Sydney CBD and is offering $150,000 - $160,000 (including super) + bonus potential - depending on experience.

*Please note, full permanent Australian working rights (PR or citizenship) is required to be considered for this position, and successful applicants will be contacted.

This is an on-site position.

By clicking 'apply', you give your express consent that Robert Half may use your personal information to process your job application and to contact you from time to time for future employment opportunities. For further information on how Robert Half processes your personal information and how to access and correct your information, please read the Robert Half privacy notice: https://www.roberthalf.com/au/en/privacy. Please do not submit any sensitive personal data to us in your resume (such as government ID numbers, ethnicity, gender, religion, marital status or trade union membership) as we do not collect your sensitive personal data at this time.