Records & Compliance Auditor

About the company:

Six Degrees Executive has partnered with a leading supply chain, procurement and logistics specialist as they source an experienced Records & Compliance Auditor to join their supportive, yet outcome driven team.
The primary purpose of the Records & Compliance Auditor will be to perform audits of the organisation's Security and Information Risk Controls related to Records Management. You will work across the business to identify risks and develop strategies to mitigate current and potential risks.
Note: This is not a Cyber Security related role.

The opportunity:
Reporting to the Head of IT Service Management you will be joining a friendly and collaborative team. You will have the opportunity to get involved with projects, secondments and career development more broadly. In addition, you will also be offered flexible working hours and the opportunity to join the team onsite one day a week for weekly catchups and to maintain team culture.

About the role:

As a Risk & Compliance Auditor, you will be a trusted SME in your space and know all there is about records management, records disposal and associated policies and procedures (e.g. Compliance Essential 8, ISO 27000 Information Standards). You will be relied on to advise the business on respective Best Practice and a vital member of the team.
You will be responsible for (but not limited to) the following:

• Conduct audits and assessments of security and information risk controls, including but not limited to physical security, access controls, network security, system development and maintenance and data protection.
• Evaluate the effectiveness of the organisation's information library, including the quality, accuracy and accessibility of information.
• Analyse data and information to identify risks and make recommendations for improvements to policies and procedures.
• Audit and assist with implementing existing security control frameworks including the Essential Eight and Security Controls using a risk-based approach.
• Assist the Head of Enterprise Risk Management in the development and implementation of risk management strategies.
• Keep up to date with industry best practices in information security, emerging risks and regulatory requirements.
• Maintain currency of Information Management Standard.
• Complete annual review of datasets, including Business Impact Assessments.
• Provide input/complete attestations as required by OVIC and other statutory authorities.
• Provide recommendations for Data Governance including confidentiality, integrity, and availability of datasets.
• Coordinate and conduct data governance training for all staff.
• Review, develop and implement improvements to Information Operations, Records Management practices, policies, and procedures.
• Provide advice on records management systems and the record keeping requirements of other business systems.
• Coordinate training, consultation and support to employees to assist in properly categorising, storing, modifying, and disposing of their records.
• Coordinate the records management efforts of staff to ensure consistency with corporate standards and relevant legislation.
• Provide expert advice in the operational practices associated with publications including website, presentations, and social media.
• Comply with data management policies and procedures, and report breaches and/or vulnerabilities to a manager or the IT Operations team.

About you:
To be considered for this role, you will need (but not limited to) the following:

• Relevant tertiary or post-graduate qualifications in Information Technology and/ or industry training in Information Technology.
• Minimum of 5 years’ experience in Security Controls Auditing and or Records Management including administration, design, build and reporting Strong analytical capabilities and comfortable forecasting in Excel
• Strong knowledge of security standards and frameworks such as ISM, Essential Eight, NIST, ISO, and COBIT.
• Familiarity with data governance principles and practices.
• Excellent stakeholder management, organisation and influencing skills.
• A fast and keen learner, with ability to proactively pursue and share new skills.
• Flexibility to accommodate changing priorities and unexpected requests.
• Strong written and oral communication skills.
• Ability to build strong working relationships with colleagues and external stakeholders.
• Well-developed presentation and liaison skills.

So, if you're ready to take your career to the next level and really make your mark on this organisation, we want to hear from you!
Contact Mark Watson of Six Degrees Executive at markw@sde.com.au for a confidential discussion or apply now.
Six Degrees Executive acknowledges the Traditional Custodians of the lands on which we work and live. We are also committed to equal opportunity and strive to promote diversity, inclusion, belonging, flexibility, and accessibility in all that we do.
Should you require assistance in your interactions with us or through a recruitment process, please let us know so we can provide adjustments for you.