Job description
About HCF
At HCF, our purpose is to bring our human touch to healthcare. Since 1932 we’ve been putting our members and their health first. As Australia’s largest not-for-profit health fund, we cover over 1.7 million members with health, life, travel and pet insurance and our vision is to make healthcare understandable, affordable, high quality and member centric.
We want to be true health partners to our members, easily guiding the healthcare choices that are right for them. At HCF, our values are the way we do things and create the necessary culture to help us realise our purpose and deliver our 2025 Strategy. Living our values in action we step forward, walk in their shoes, stay human, make it better and get there together.
About the role
Reporting to the Chief Information Officer, the Head of IT Risk, Audit and Governance will be responsible for overseeing and managing all aspects of technology-related risks and governance to ensure the effective and secure operation of HCF's information technology systems. The role will play a key part in identifying and mitigating IT-related risks, developing and implementing governance frameworks, and ensuring compliance with regulatory requirements. The role will lead a team of professionals and collaborate closely with key stakeholders to drive HCF's IT Risk Management strategy and build a culture of risk management at HCF.
About you
To be successful in this role, you will demonstrate the following qualifications, experience and skills:
Must be able to demonstrate and display HCF Values: Step forward, Stay human, Walk in their Shoes, Make it better and Get there together.
Bachelor's degree in computer science, information systems, or related discipline
High degree of demonstrable experience in IT risk management, information security, and IT audit at a senior leadership level.
Strong understanding of IT governance frameworks, such as COBIT or ITIL.
Extensive knowledge and understanding of regulatory requirements and industry standards related to IT risk and Governance (CPS234, HPS231 & PCI DSS)
Demonstrated experience leading high performing teams.
Excellent written and verbal communication skills including the capacity to negotiate and liaise effectively with technical and non-technical stakeholders.
A high level of personal integrity.
Strong analytical and problem-solving abilities
Relevant certifications - IIA or ISACA (CISA, CRMA, COBiT5 or equivalent) would be highly desirable
Responsibilities
The responsibilities of this role include but are not limited to the following:
Lead, inspire, coach, develop and motivate a high performing team to deliver IT risk and Governance objectives.
Communicate and lead at all levels, fostering an environment that encourages and recognises success and close collaboration with other teams.
Produce Executive and Board level reports and attend Board and Executive meetings when required
Responsibility for the IT Risk, Audit and Governance budget
Develop and implement an IT risk management framework, including establishing relevant risk mitigation strategies, policies, and procedures for risk identification, assessment, and monitoring.
Identify and assess risks across the organisation to identify potential vulnerabilities.
Ensure compliance with regulatory requirements and industry standards e.g. APRA CPS234, CPS-231, CPS-230, CPS-220 & PCI DSS
Manage and facilitate internal and external IT audits to ensure effectiveness of controls.
Track and monitor remediation efforts to address identified risks and control deficiencies.
Provide guidance and support to project teams and programs of work through their risk management obligations, the identification of risks as well as the development and delivery of solutions within risk appetite.
Facilitate IT reviews performed by Line 2 and Line 3.
Develop and maintain an IT governance framework that aligns with organisational goals.
Establish and oversee policies, standards, controls, and procedures that align with industry best practice and regulatory requirements.
Collaborate with Senior Leaders across the Business to ensure that the overall organisational and IT risk and Governance strategies are effectively executed, and resources are appropriately allocated and managed.
Culture
Working in the health insurance industry, we know how important it is to prioritise the wellbeing of our own people. We want to provide you with the skills and tools you need to support your wellbeing journey, so that you can be at your best.
We’re all about creating a fantastic people experience, guided by our values, so that we can in turn better deliver for our members. We work with our people to create a work experience that is inclusive, supportive, safe and respectful so we can do the best for our members.
Come and join our HCF team!
Benefits
50% subsidy on HCF Private Health Insurance
Flexible working arrangements including the opportunity to work from home (WFH), hybrid or from our modern Sydney offices.
18 weeks Parental Leave for all new parents
Mental Health & Wellbeing programs
Discounts on HCF’s suite of products, life, pet, travel, and general insurance
A career with us – How to apply
Please check out our website at https://www.hcf.com.au/about-us/careers
At HCF, we are dedicated to fostering an inclusive and collaborative work environment that upholds our core values. We look for the human in each other and use that to guide what we do and how we do it. HCF takes pride in our diverse workforce and inclusive workplace culture and we celebrate the richness of perspectives brought by individuals with different backgrounds and experiences, including age, ethnicity, cultural or spiritual background, gender identity, disability, education, and socio-economic status.
All suitably qualified applicants will receive fair and equitable consideration for employment. If you require any adjustments to assist you in making your application or throughout the selection or onboarding process, please reach out to vacancy@hcf.com.au and we will make every effort to assist you.