About the role:
The Technology Risk Manager role is a critical role to strengthen and drive effective Technology Risk Management practice, executing effective end-to-end risk assurance process for Victoria Police's technology services.
In this role, you will be the subject matter expert and accountable for specialist risk advice to support the delivery of product and services and creating a more effective risk management culture. This role will provide thought leadership, establish, deliver and embed a culture of continuous improvement to address compliance, operational technology risk identification and management, and ensure effective controls are in place to mitigate current and emerging risks.
Victoria Police is a contemporary and agile workplace and supports flexible working arrangements.
Your duties will include:
1. Establish and own the Technology Risk Management practice, framework, policies, processes and continuous improvement.
2. Be the Subject Matter Expert in Technology Risk Management to support the business in the delivery of their outcomes within an effective risk culture.
3. Lead risk assessments, update the control library and maintain risk register and reporting dashboards.
4. Plan, co-ordinate and deliver risk management workshops.
5. Ensure the effectiveness of controls through control design development and periodic control testing for compliance with the Victorian Protective Data Security Standards at an appropriate maturity level.
6. Provide risk support in BCP (Business Continuity Policies) and project risks.
7. Deliver IT Assurance and Audit engagements in support of external and internal audits.
8. Keep abreast of emerging trends and technologies to identify potential vulnerabilities and threats and provide thought leadership.
9. Work with VP partners, internal and external stakeholders and lead collaborative growth of the risk management practice.
10. Identify key risks, issues, and incidents and advise on remediation.
11. Partner with internal and external teams, addressing compliance, operational technology risk, and assessing internal controls and frameworks to mitigate current and emerging risks on IT systems.
As the successful applicant, you will have:
12. Experience in managing the Risk Register, Control Register, Incident & Breaches Register and Business Impact Analysis Register.
13. Proficient experience in either IT Audit or Technology Risk with either GS007 / ISO27001 / CPS234 / SOC1/2/3, SOX or ASAE Audits.
14. Strong understanding of cyber security frameworks, such as ISO 27001, NIST, and ACSC Essential 8.
15. Recent experience gained in Cyber Security and Cloud Risk management required.
16. Knowledge of, and experience with, internal auditing, IT risk management strategies and techniques.
17. Practical and solution-oriented approach to assess new technology, and evaluate and advise on impact, risk and remediation.
18. Highly adaptable, appetite to work in a growing and changing environment and ability to communicate with technical team leads required.
19. Superior communication and relationship skills.
20. Build relationships and work across a diverse group of stakeholders.
21. Have experience in a large and complex IT organisation.
22. ISACA, CRISC or equivalent preferred.
Requirements and relevant information:
23. One (1) x full-time, ongoing position available.
24. This position is located at Victoria Police Centre, 311 Spencer Street, Docklands.
25. The successful applicant will be required to undergo National Security Vetting, achieve and maintain a security classification as determined by the Department Head. To achieve this, applicants must be an Australian Citizen.
26. The successful applicant will be required to undergo pre-employment checks which may include fingerprint checks and misconduct screening.
Your application must include:
27. Resume
28. Completed application form – the word document (2. Application Form) for you to complete and attach to your submission, is attached to the job advertisement.
Applications close midnight, Wednesday 28 August 2024.
Please Note: All applications will need to be submitted through one of the following platforms: Jobs and Skills Exchange (JSE) website, Victorian Government careers website ( or Seek. Applications will not be accepted via other platforms or email.
Current Victorian Government employees must apply via Jobs and Skills Exchange (JSE).
For further information, please contact: Aji Alex on (03) 8600 8152 or via email .
We welcome applications from people with disability and aim to support an inclusive recruitment experience. If you require a copy of this advertisement and attached documentation in an accessible format or would like to discuss an access requirement/reasonable adjustment for the recruitment process, please contact VPS Recruitment via email or on (03) 8335 8082.
About Us:
Victoria Police has a dedicated workforce of more than 22,000 employees consisting of police, protective services officers, police custody officers, and public service staff. Each employee plays a vital role in providing the 24/7, 365 days a year emergency response and public safety capability the organisation delivers to its community. As a Victoria Police employee, you have a dedication and commitment to community safety.
Having a workforce that reflects the community we serve is important to Victoria Police. We want to attract and retain people of all genders, ages, religions, disability, sexual orientation, family and caring responsibilities, and cultures including people of Aboriginal and Torres Strait Islander heritage. If you are interested in a position, we encourage you to apply as we celebrate the benefit that diversity brings to our employees, our services, and our community.
Find out what it is like working as a Victorian Public Servant for Victoria Police: