Enterprise Technology Risk & Compliance Manager

Sydney, NSW
Permanent
Full-time

16 days ago

Job Category: Information TechnologyJob Description:We are seeking a seasoned Enterprise Technology Risk & Compliance Manager to join our Downer Digital team. This strategic role is central to ensuring robust risk management, governance, and compliance across Downer's digital platforms and business units.Join a future-focused organisation where your expertise will shape how we manage technology risk and compliance across a dynamic and complex enterprise environment.This role offers hybrid working arrangements and can be based in Sydney, Melbourne, or Brisbane.About The Role:As the Enterprise Technology Risk & Compliance Manager, you will lead the development, implementation, and continuous improvement of Downer's technology risk frameworks. You will be responsible for maintaining the enterprise IT risk register, coordinating both internal and external audits, and ensuring risk mitigation strategies are aligned with business priorities.

Assisting with the design, implementation, and maintenance of technology risk management frameworks, policies, and standards
Assisting in identifying key technology risks, performing root cause analysis, and designing control enhancements to mitigate those risks
Managing the technology risk register and ensuring risks are documented, prioritised, and updated regularly.
Conducting risk and control assessments across infrastructure, applications, cloud platforms, and IT operations.
Supporting compliance with ISO/IEC standards (e.g. ISO 27001, ISO 31000) and relevant regulatory requirements.
Monitoring key risk indicators (KRIs) and key performance indicators (KPIs) to inform leadership on risk posture.
Monitoring the effectiveness of key controls, and coordinating / tracking remediation plans for control deficiencies and audit findings.
Providing guidance to operational teams to embed risk controls into business processes and technology initiatives.
Managing risk, controls, incidents, and issues through a central GRC (Governance, Risk & Compliance) system.
Assisting with board and executive risk reporting on enterprise-level risk, assurance, and compliance activities.
Ensure embedding of a robust risk culture within the organisation via risk awareness campaigns and relevant initiatives.

About You:You are a highly experienced risk and compliance professional with deep knowledge of technology risk management frameworks and tools. You possess strong analytical, communication, and stakeholder management skills, with a proven ability to lead and influence across complex enterprise environments.Education & Certifications:

Bachelor's degree in information technology, Computer Science, Business Administration, or a related field.
Relevant certifications such as CISA (Certified Information Systems Auditor), CRISC, or PMP are highly desirable.

Experience:

6+ years of experience in enterprise technology risk and compliance roles.
Demonstrated expertise in regulatory compliance and the adoption of standards such as ISO 31000, ISO/IEC 27001.
Experience in using GRC platforms and strong proficiency in data analysis and reporting tools.
Proven ability to manage IT audit processes and lifecycle of corrective action plans.

Skills & Knowledge:

In-depth understanding of technology risk, regulatory compliance, and risk governance.
Ability to design and implement risk frameworks, policies, and standards.
Skilled in identifying, analysing, and mitigating technology risks.
Experience conducting root cause analysis and developing effective control enhancements.
Strong communication, facilitation, and presentation skills.
Comfortable working in fast-paced, agile environments with diverse teams.
Ability to influence and negotiate with senior stakeholders and business leaders.

Core Competencies:

Strong collaboration and cross-functional communication.
Excellent time management and adaptability to shifting priorities.
Strong execution focus with the ability to drive outcomes in complex settings.

Benefits of Working with Downer:

Work with an ASX listed company, working with market leaders.
Grow your career with us, we are passionate about giving our people opportunities to grow through personal and professional development and continuous learning:

Professional development programs
Access to professional memberships and industry networks
Be part of a team that cares, we foster a work environment built on support that is flexible around our employee's wellbeing needs:

Flexible work arrangements
Parental leave
Employee Assistance Program
Programs promoting diversity and inclusion
A range of Corporate Benefits, including:

Discounted services (car hires, hotels, insurance, retail stores, gyms)
Salary sacrifice superannuation

At Downer, our approach to diversity is what sets us apart. Our people can be their best by bringing their most authentic selves to work every day. Downer is made up of more than 30,000 people who are all different. Different preferences and perspectives. Different histories and heritages. We are different in the way we think, the actions we take and the unique value we contribute to Downer and it's these differences that are Downer's greatest strength. As an inclusive employer, we welcome applications from everyone - bring your difference.About Us: At Downer we plan, create and sustain. Downer is the leading provider of integrated services in Australia and New Zealand. Through trusted relationships and world leading insight we work closely with our customers to design, build and sustain assets, infrastructure, and facilities.

Downer Group

Apply Now