The Role
In this role, you’ll be responsible for maintaining and enhancing the IT Risk Management Framework, collaborating with cross-functional teams to identify and assess risks, monitor controls, support audits, and lead resilience planning (including DR and BCP). You’ll also be an educator—driving cultural change in risk awareness across the business.
What you will do
- Manage and maintain the IT Risk Register, ensuring risks are well-documented and regularly reviewed
- Facilitate risk assessments and workshops, presenting to senior stakeholders and producing reports for executive and board-level audiences
- Review and monitor the effectiveness of IT controls and risk treatment plans
- Support internal and external audits, including responding to findings and tracking remediation
- Lead and contribute to disaster recovery and business continuity initiatives
- Participate in DR simulations and planning exercises
- Influence a risk-aware culture across the organisation
- Significant experience in IT Risk Management, including direct responsibility for risk registers and facilitation of risk workshops
- Strong understanding of risk tools and frameworks (e.g., Excel, 6 Clicks, Archer, ISO 31000)
- Proven ability to communicate and educate stakeholders on risk management principles and language
- Experience in resilience disciplines such as DR and BCP, including knowledge of RTO/RPO
- Ability to contribute to DR testing and planning
- Strong documentation, reporting, and stakeholder engagement skills
- Exposure to cyber risk is a bonus, but not essential
- Location: Melbourne preferred, but Perth considered.
Apply now to make your mark in a vital role helping future-proof the organisation’s technology operations.