Information Risk Manager

Last updated 1 hours ago
Location:Sydney
Job Type:Full Time

With information technology shaping the world we live in, the luxury of digitisation can also pose a risk. Being a highly risk aware organisation, and with security and governance being front-of-mind, we are eagerly seeking an Information Risk Manager to enforce policies and advise controls.

You’ll be responsible for advising the 1st Line of Defence around relevant policies and procedures to mitigate and limit risks, as well as challenge risk management processes to reduce reputational damage, financial loss and business disruptions for instance.

Working within a growing and supportive team, you’ll gain the exposure to various risk functions, stakeholders, and also gain a holistic view of the entire organisation. Being a flat organisational structure, this role will allow you to value-add and be a trusted advisor within our critical risk function.

What are you going to do? You’ll be…

  • Overseeing and enforcing compliance for the 1st Line of Defence; which will entail ensuring risks are being managed in line with risk appetite, actively monitoring changes in the risk landscape and reporting key risk regulatory trends
  • A trusted advisor; being a local owner of ING’s policies and frameworks, and ultimately enforcing risk controls
  • Acting as the devil’s advocate; challenging and validating risk assessments and key control testing conducted by the 1st Line, and respectively providing feedback for potential risks
  • Performing periodical spot checks and quality assurance for IT controls within the Risk Appetite program
  • Conducting second line monitoring on physical and personal security measures
  • Able to apply a risk management lens to the IT domain

What are we looking for? You’ll have…

  • A minimum of 5 years of demonstrated experience within a Risk, IT or Audit role; ideally within Financial Services
  • A strong technical background;
  • The exposure to and understanding of technical and business related threats facing online banking (such as security and data management)
  • The ability to identify and pursue solutions to manage operational and information risks
  • Knowledge in the areas of Information and Technology Security, Operational Risk Framework and governance would be ideal
  • Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or Certified Governance of Enterprise IT (CGEIT) would be desirable

About Us

At ING, we want to make life simpler and more worthwhile – for everyone who banks with us, for the people who work with us, and the community at large, too.

When you come to work at ING, you’re joining a team where individuality isn’t just accepted, it’s encouraged. We’ve built a culture that’s fun, friendly and supportive – it’s the kind of place where you can be yourself and make the most of whatever you have to offer.

We give people the freedom to take risks, think differently, take ownership of their work, and make great things happen. We’re here to help you get ahead. And with our global network, there’s plenty of scope to take your career in new directions, perhaps even ones you’ve never considered.

People of all ages, sexual orientations, cultures and backgrounds are welcome to apply – likewise if you’re an indigenous Australian, or you’re living with a disability, or you have family or caring responsibilities. We would also be open to flexible working applications for this role, please just let us know as part of your phone interview.

Sound like the kind of place you’d feel at home? We’d love to hear from you.