Introduction Why Blueberry? At Blueberry, we run a fast-growing global trading business, and that means protecting our systems, data, and people is critical. With new technologies, risks, and regulations evolving all the time, we need someone who thrives on thinking ahead, anticipating vulnerabilities, and building a safer digital environment. As our Technology Risk Manager, you’ll help us manage the unknown. You’ll lead assessments, improve controls, support governance, and build strong partnerships across departments, all to make sure we’re secure, resilient, and ready for what’s next. Description We’re looking for a proactive and analytical Technology Risk Manager to lead risk identification, mitigation, and response across our platforms and infrastructure. You’ll be working closely with our IT, Compliance, and Business Continuity teams to build a strong risk culture and protect our systems in a fast-moving, regulated industry. Note: At Blueberry, moving with purpose means showing up, connecting, and building momentum together. This role is based onsite in Sydney, Monday to Friday, where the real magic happens. How You’ll Make an Impact Conduct comprehensive risk assessments of tech systems, infrastructure, and processes Evaluate and improve control effectiveness through testing and design Stay ahead of emerging tech risks and adjust frameworks accordingly Ensure compliance with regulatory and internal policies (NIST, ISO, etc.) Lead internal audits and support external regulatory reviews Collaborate with IT to develop risk mitigation plans and incident response strategies Track remediation efforts to ensure timely closure of risk-related issues Participate in and improve business continuity and disaster recovery plans Support and guide teams on security reviews, vendor assessments, and project risks Develop and deliver training to build internal awareness of risk and compliance Skills And Experiences Who We’re Hoping to Find 5 years of experience in technology risk or security risk management Bachelor’s degree in Computer Science, Information Systems, or related field Proven ability to explain risk concepts to both technical and senior audiences Experience using tools like vulnerability scanners, log analysis, and DLP systems Familiarity with frameworks like COSO, NIST, or ISO 31000 Understanding of cloud security, application security, and secure coding Strong documentation and reporting skills (yes, your slides need to make sense!) CISM certification preferred Ability to thrive in a fast-growing, highly regulated environment Extra points if you have Background in financial services, banking, or trading Experience with Forex/CFD platforms and relevant compliance expectations Familiarity with Risk in Change, BCP, DR, and data governance Adaptability and initiative, someone who enjoys solving new challenges fast