3 - 5 years' Risk Management experience in the IT space
- ISO27001, COBIT, NIST
- Extensive experience in cybersecurity
**The opportunity**
We have a unique opportunity for a
**Technology Risk Specialist** to join our Enterprise Risk team on a contract basis, to support technology risk management within our Finance and Commercial division.
Reporting directly to the Senior Manager Risk, the primary purpose of the role is to manage and coordinate the IT risk management function, ensuring that all elements of the risk management framework are up to date, fit-for-purpose and effectively implemented.
The successful applicant will also be involved in the following:
- Administration of Sydney Metro technology risks related to Information and Cyber security, IT infrastructure, IT Project delivery and Service Management.
- Working and collaborating with multiple stakeholders to ensure that risks are identified, "fit for purpose" IT /OT Controls are in place and action measures are identified and implemented.
- Conduct risk workshops, identify potential technology risks and exposures, develop treatment plans.
- Administer and facilitate a proactive end-to-end risk management approach to Sydney Metro IT sectional managers and project owners.
- Assist with administration of IT/OT Risks within the risk management software (SWORD ARM).
- Facilitate controls assurance activities, including hands on assistance as required to identify control improvement opportunities.
- Prepare risk compliance reports ensuring alignment with Risk Appetite Statements related to technology and other metrics for presentation to the stakeholders within Sydney Metro.
**About you**
To be successful in this role you will have:
- Relevant tertiary qualification(s) in technology is preferred.
- 3 - 5 years' Risk Management experience in the IT space, ideally you will have gained experience in a similar role preferably working on large and complex IT projects.
- Comprehensive understanding of IT and Business environments, with excellent knowledge in risk management related to technology.
- Proactive, resilient and enjoy working in a fast-paced, ever-changing environment.
- Exceptional communication skills and the ability to engage, influence and appropriately challenge stakeholders across a broad range of business functions.
- Comprehensive knowledge/ understanding of ISO27001, COBIT, NIST is desirable.
- Certificate in Risk Management will be well regarded.
- You may have extensive experience in cybersecurity.
**If this sounds like you**:
**Infopeople - Anne Rivera