Join us as our IT Systems Policy, Audit & Compliance Manager
We have an opportunity to join our Global IT Governance, Risk & Compliance (GRC) team taking a lead role in the development and delivery of our IT & Cyber policies and standards.
You’ll take ownership of all Information Security & IT policies & frameworks, and be the key driver in their maintenance, development and embedding across the business.
This is a role where you can use your both your technical prowess (in IT Systems resilience, compliance, policy development & audit planning) and your business partnering skillset when building relationships with senior stakeholders across the group.
About the role
Reporting to the Group GRC Leader, our IT Systems Policy, Audit & Compliance Manager will embed a security mindset and governance in digital strategies across the business. You will have full ownership in the development, implementation and embedding of all Lendlease Information Security & IT policies as well as driving and owning audit delivery working closely with regional CIO’s and external auditors to both plan and drive delivery of the IS audit calendar.
You’ll be a true SME (Subject Matter Expert) and partner to senior stakeholders ensuring rigorous policies and frameworks are fit for purpose, with a constant push for continuous improvements and developments. You will offer strategic security guidance and leadership to your stakeholders with a constant push for continuous improvements and developments.
You’ll have accountability over several areas, not limited to.
Leading all aspects of IT Systems resilience, compliance, policy, and audit.
Development, implementation and communication of IT and Cyber related policies and standards.
Partnering with business unit leaders, group risk, IT teams, group, and regional compliance functions to find security requirements, using methods that may include risk and business impact assessments.
Present report(s) on risk and compliance performance to various Group governance forums
Act as a single point of contact from IT in interacting with auditors (internal/external), regulators and third parties and tight management of end-to-end audit findings, remediation planning, resolution, and monitoring activities.
Conducting policy and compliance audits and management of policy exceptions across the Group as well as creation of reporting metrics for Audit and Compliance Capability
Lead response on IT and Cyber Security posture in any major contracts or internal business proposals.
Facilitate remediation and track progress of regional noncompliance.
Undertake research and identifying security trends that may present a risk to Lendlease.
The skills you’ll need
To succeed in role, you’ll have strong experience (7-10 years) in an IT specific Compliance role or IT Policy Management role. Given the breadth of this role you’ll need to have relevant audit experience either managing external and/or internal audits or working closely with external auditors in a compliance role.
You’ll have experience in owning, refreshing, and creating wholly new IT policies (policy, standard and procedure documents) and relevant frameworks.
You’ll have a good understanding of and experience in creating, applying, and embedding new policies which have contributed to uplifting capability.
You’ll also have
Relevant degree level/tertiary equivalent or time served experience in an analytical discipline.
Demonstrable experience in design and implementation of audit initiatives and management of audits
Proven management experience in control assurance management and risk management frameworks.
Refined written and verbal communication skills with considerable experience in building relationships and influencing senior stakeholders.
Able to translate cyber risk to non-technical stakeholders.
Analytical, evaluative, and problem-solving abilities
Nice to have/Desirable experience.
Certification IV in Security Risk Analysis
Additional Information
Lendlease provides a wide range of benefits to support our employees through their everyday lives. Our flexible work arrangements make it possible to shape your working day accordingly. We embrace the value of a vibrant and diverse workforce and recognise that our people have different experiences and needs at different times.