IT Governance, Risk and Compliance Lead

Company description:

Wilson Group is a leader in Parking, Security, Health and Storage operating across Australia, New Zealand, Singapore and Malaysia. Our businesses are dedicated to combining technology, and the strength of our people and processes to take care of people, property and assets.

As an organisation we're here to Create Enduring Value, for our people, customers, communities we operate in, by delivering on our promise of Looking after what matters through our values of Care, Integrity, Accountability and Innovation.

Job description:

You will need to Lead and facilitate Wilson's IT Governance, Audit and Compliance obligations. Develop and maintain a central repository for Tender Responses the Group bid on. Assist with IT Risk Management assessments and reporting.

About the role:
- You will ideally already hold experience with some ITGC projects, risk frameworks and dealing with external clients. You will have an opportunity to expand your career by selling the solution to clients coupled with your IT Risk expertise.
- This role also offers exceptional growth opportunity and autonomy to make the role your own. There's a huge platform for your ideas to be heard and utilised and thus opportunity to take your career to the next level.
- This role reports directly to the Cyber Manager and will work closely with other stakeholders within Wilson Group.
- If you are keen to be apart of a top performing team and an exciting business model then this role should be of interest to you!

Key Responsibilities:
- Provide support for routine audit and Compliance checks and RFP responses.
- Facilitate IT Audits - review and collation of evidence, interaction with audit teams (internal, external)
- Contribute to the development of reports, including Regulator, Senior Management and Board updates. - - Periodic reporting on IT Risk and Control Testing.
- Updating and maintaining internal policy documentation.
- Provide governance and Compliance inputs to the IT Risk Management process.
- Ensure compliance with all company legal and statutory requirements.
- Work with business stakeholders (Key Account teams, Sales teams) across the BUs to up-skill and provide education around IT Governance and Cyber Security capability.
- Assist Corporate Comms teams in the creation of sales, training and education material around IT Governanceand Compliance, including linking with the Cyber Education and Awareness program.
- Monitor GBS compliance to regulatory and statutory obligations.
- Collaborate with IT and Business resources to define Group security policies that aligns to our regulatory, legal requirements and security obligations.
- Assess and define operational requirements, including acceptors, deliverers, and appropriate evidence.
- Actively participate in all regulatory compliance activities associated with this role including required training, meetings, and information sessions
- Track and govern risks and ensure timely remediation.
- Identify, assess, and manage issues and risks relating to on boarding new services.

Skills and Experience:
- 3+ years of experience in the field of information security, setting up and maintaining effective security policy frameworks.
- Practical experience conducting Risk and/or compliance activities in any IT field.
- Experience with risk management principles including risk assessment methodologies.
- Experience completing 3rd party vendor security or other controls-based assessments.
- Strong passion for Information Security
- Ability to prioritise work and understand business urgency.
- Work alone as an effective team member of a globally distributed team using multiple communication methods to facilitate collaboration.
- Adapt well to change in the working environment and recommend and implement process improvements; and
- Knowledge of generating reports with proven strong analytical and problem-solving capabilities.

Required:
- University degree or diploma in information technology, computer science and/or related discipline
- Relevant tertiary qualification, and/or CISSP, CISM, ISO 27001 Lead Auditor/Implementer, IRAP, would be an advantage.
- In-depth understanding of information security frameworks such as NIST-CSF, ISO, Essential 8, PCI DSS etc.
- Excellent communication skills, both written and verbal, to convey information effectively and professionally to users, management, and technical staff; and
- Strong technical understanding of IT Security technologies

If you are interested in this great opportunity and meet the above criteria, please apply by submitting your resume and a cover letter addressing the key recruitment criteria through the link below.

At Wilson, we are building a workforce that is representative of the community we protect. We welcome people from diverse backgrounds and are committed to supporting our Aboriginal and Torres Strait Islander Peoples with employment and career opportunities. We have an inclusive culture where innovation and teamwork are encouraged. If you wish to make a positive change in your community, contact us today.