This high-profile University is currently seeking an experienced IT Security Risk Analyst to take responsibility for driving IT risk initiatives within the Portfolio and Planning team. You will collaborate with the IT leadership team, project team, third-party service providers and other relevant regulatory bodies in matters of IT risks, compliance and audit findings.
Your brand new role will see you provide guidance and advice across multiple projects determining risks to minimise the level of potential exposure to the University.
Key accountabilities
1. Provide an independent risk assessment over project delivery, third party service providers, business processes and advise senior stakeholders of the key controls and remediation plans
2. Connect within IT teams to understand their business processes / delivery goals - pain points, workarounds, etc. and respond to their needs in a consulting manner
3. Perform periodic IT compliance reviews / reporting of the operating environment (application, network, cloud platform, database, etc.) to determine compliance with the University's policy and standards, including relevant regulatory bodies (ACSC, VAGO).
4. Provide support to the project life-cycle framework, including associated gates for the conduct of risk assessment(s) and compliance checks
5. Work closely with Central Risk Management, Procurement, Internal Audit & Legal to identify compliance baselines from legislative requirements and corporate objectives
6. Lead the execution and reporting of the outcomes of the Third Party Risk Assessments
7. Act as a key contributor to the continuous improvement of the GRC function based on a thorough knowledge of contemporary Technology Governance, Risk & Compliance Management practices
Skills and experience
8. Extensive experience in the development, delivery and monitoring of large-scale IT Risk Management practices (COBIT)
9. Experience in third party risk assessments - collaboration with vendors, identifying issues and action recommendations
10. Proven comprehensive knowledge of IT best practices, Cyber Security, Cloud and Risk Management
11. Ability to think outside the box and make good decisions with a limited amount of information
12. Demonstrated ability to prioritise tasks and deliver a quality outcome
13. Exceptional interpersonal, communication and negotiation skills, with the ability to liaise effectively with internal and external clients, in order to proactively identify and solve issues