Job Description:
The Senior IT Governance Risk Analyst is responsible for ensuring the effective implementation, monitoring, and continuous improvement of IT governance processes, risk management and controls across the organisation.
This role will provide expertise in the ITIL framework, with a specific focus on Risk frameworks.
Key Responsibilities:
1. Establish and implement IT controls based on the Risk Framework (ISO, ISM, E8, ITIL, COBIT, NIST, etc.) and ensure they are aligned with security and organizational policies and regulatory requirements;
2. Create a vulnerability management process, monitor and report on open vulnerabilities, and track remediation;
3. Collaborate with internal stakeholders to assess, monitor, and improve IT control effectiveness and ensure compliance with established standards;
4. Perform regular reviews, audits, and assessments to ensure IT governance practices meet relevant standards;
5. Work with risk and compliance teams to ensure that identified gaps in controls are addressed and mitigated;
6. Provide in-depth expertise in the application of the ITIL framework;
7. Review existing processes and create a plan for improvement around them;
8. Continuously monitor the effectiveness of governance processes, IT controls, and compliance activities, including tracking key performance indicators (KPIs) and risk metrics;
9. Generate reports on the compliance of E8 control measurement for management;
10. Liaise with cross-functional teams, including IT, Security, Risk, Audit & Compliance, to ensure that IT governance and control processes are integrated across the organization;
11. Educate and train stakeholders on IT governance processes, the importance of Security & Risk management and Risk framework requirements.
About You:
Expertise in Information Technology, Computer Science, or a related field;
5+ years of demonstrated experience in IT governance, risk management, or IT operations with a focus on ITIL-based processes;
Strong understanding of Information Security, infrastructure, network design, implementation, and maintenance;
Experience with Risk Frameworks (ISO, ISM, E8, ITIL, COBIT, NIST, etc.), and the ability to establish and monitor IT controls based on governance guidelines;
Strong analytical skills and the ability to generate insights from metrics and reporting;
Excellent communication and interpersonal skills with the ability to collaborate effectively across different teams and departments.
About APRA:
APRA serves the Australian community by helping ensure financial institutions deliver on the financial commitments they make, within a stable, efficient and competitive financial system.
At APRA we're committed to providing an inclusive workplace where everyone belongs, feels valued and respected.
We aspire to attract and foster diversity of background, thought, and experience, recognising that a broad range of perspectives, approaches and ideas makes us stronger, and better enables us to meet our obligation to protect the financial wellbeing of the Australian community.