Help us deliver like never before
We’re looking for a Cyber & Technology Risk Lead to join our diverse, talented and innovative digital technology team who together are helping our customers and communities build a better future. Together, we design, build and maintain products, services and experiences that Australian's love and trust, while delivering a sustainable future for Australia Post, and you could be part of that.
We're empowered to deliver for our teams and to delight our customers. We provide an inclusive and supportive environment that nurtures talented people, trusts our teams to deliver their best, and leverages modern work practices and technologies. It's an unexpectedly dynamic and collaborative culture that feels more like a start-up than a 213-year old icon.
What you’ll deliver with us
The Cyber & Technology Risk Lead is responsible for leading the management of 1st line cyber, technology and associated compliance and operational risks (across both the IT and OT landscape) for the Enterprise Services business unit with a shared accountability across the broader Australia Post Group. This individual collaborates with Enterprise Services technology, operations, and business teams to provide specialist advice, insight, guidance and support and ensure that effective risk management practices are in place (including for the cloud environments).
The ideal person will have a strong understanding of security controls assessment based on current threat landscape, operational risk management, and controls assurance practices. They will act as the gatekeeper for any project and BAU initiatives requiring risk assessments. Essentially the Risk Lead will lead development and implementation of risk management processes, libraries and documentation that will help improve transparency and management of enterprise and business unit risks relating to technology, cyber resilience and associated compliance and operational requirements.
You’ll also
Lead the 1st Line identification, assessment, mitigation and reporting of the Information Security, Cyber Security, Technology and associated operational risks.Support the 1st Line Cyber Governance, Risk & Compliance (GRC) function and the CISO in effectively managing cyber security and technology risks.Plan and execute regular and ad-hoc reviews into areas of significant information security or technology risks to the organisation, including deep dives, and facilitating commercial solutions.Support with periodic reporting on risks, controls and associated KRIs for various forums including the Audit & Risk Committee, GM operational forums and Risk Representatives Working Group.Enable Enterprise Services to develop and maintain effective risk mitigation strategies, including the provision of data points for effective prioritisation of initiatives based on the level of risk exposureEffectively influence stakeholders to negotiate and agree appropriate risk recognition, mitigation plans, and resource commitments to mitigate information security and technology risks for the organisationWork collaboratively with the technology and business teams to facilitate risk assessments, evaluation, mitigation, risk acceptance and reporting across IT and Cyber Security (including for projects).
About you
We are seeking a strong communicator who can build and maintain strong relationships with internal and external stakeholders. Internally you will collaborate with the CISO, GM’s, Heads of Technology and stakeholders particularly in Group Risk, Security & Compliance and Internal Audit. You’ll also support effective working relationships with Line 2 Risk & Compliance functions as well as other Group functions such as Legal and Procurement. An exciting part of this position is you will be able to work cross-functionally with operational staff to provide advice on risk management and co-ordinate the delivery of risk services. There will be some engagement with vendors and other 3rd party providers.
You’ll also need
Proven experience building an IT and Cyber risk capability and culture within an enterprise business to encourage consistency with risk appetite.Ability to undertake pragmatic cyber and tech risk assessments in IT & Operational technology environments.Strong understanding of technology & information governance, security risk and relevant operational frameworks, methodologies, industry standards and regulations (e.g. ISO27001/2, ITIL, E8, NIST)Expert stakeholder navigation skills, enabling key issues to be resolved in the most appropriate manner. Experience managing a team of risk professionals to deliver high-quality risk management services within a complex environment.Background in implementing and embedding best practice tools, templates and processes that improve cyber and IT resilience risk management across an organisation.Information Security qualifications such as CISSP, CISM, CISA are desirable but not mandatory.Ability to support the Cyber & Technology Controls Assurance function in undertaking risk reviews against the minimum policy, standard and control requirements.
How we’ll deliver for you
Join Australia Post during this exciting transformation to “Deliver a Better Tomorrow”Enjoy a generous salary package and company benefits
We’re delivering together
At Australia Post, we acknowledge the Traditional Custodians of the land on which we operate, live and gather as employees.
We believe our business should reflect the diverse communities we operate in and are proud to be an inclusive workplace for people from all walks of life. We encourage applications from people of all ages, genders and backgrounds including Aboriginal and Torres Strait Islander peoples, People with Disability, LGBTQIA+ and Refugees. We are one of the largest organisations in Australia to successfully achieve Disability Confident Recruiter status. We are committed to providing an inclusive and barrier-free recruitment process and workplace for those living with a disability and are committed to reviewing and removing bias in our processes to create a gender-equitable recruitment experience and workplace. If you have any questions about accessibility, please contact our Diversity & Inclusion team on inclusivecareers@auspost.com.au
See and hear what it's like to be part of our teams in digital tech: