IT Risk & Security Consultant

Location: Sydney CBD, New South Wales
Contract Type: Contract
Specialisation: Technology & Digital
Salary: Negotiable
REF: BBBH225430_1535510181


This is your opportunity to be part of the core team that transforms IT Risk & Security Practice in a leading digital bank. You will first be brought up-to-speed with the targeted IT Risk & Security Practice that is aligned to the Agile Delivery Model.

This targeted IT Risk & Security Practice is characterised by the implementation of a platform for the collection and approval of evidence that shows to what extent the organisation is 'in control' of IT Risk. Furthermore, by using this platform, the aim is to provide assurance around IT Risk on a continuous basis.

For this specific role, you will be engaged in IT Key Controls Testing (KCT) and SOX ITGC fieldwork, using this new 'continuous KCT' approach. Your contribution is valued for the further improvement of the platform, but also for the identification of organisational improvements we may need to make. Furthermore, you will support the existing Tech Risk team in their tasks to formally close risk items by reviewing and challenging the evidence obtained (from a 1st LoD view).

In this role, the Consultant partners with local stakeholders such as Subject Matter Experts (application/platform), Architects, Infrastructure, Identity & Access Management, etc., under supervision of an Expertise Lead. The outcome is an organisational change, where Risk & Security activities are integrated into the Agile Delivery Model.

Essential Requirements:

  • Bachelor's Degree and 3+ years of experience, preferably in the IT Risk / IT Audit area
  • Advanced analytical and problem-solving skills
  • Experience with KCT/SOX ITGC, audit assessments, and risk assessments
  • Strong verbal and written communication skills, able to adjust communication dependent on the receiver
  • Certifications such as CISSP (or CISSP Associate), CISA, or CISM can be beneficial
  • Experience with privacy or data security regulations such as GDPR, SOX, PCI-DSS, etc. can be beneficial
  • Experience with IT governance or security frameworks such as COBIT, ISO 27001, NIST CSF, etc. can be beneficial

If you are looking for the next challenging but rewarding role working in a global organisation, and have a positive attitude working in a dynamic environment, then please apply now!