06 Jul
Blueberry.Hub
Sydney
Introduction
As a Technology Risk Manager, you will play a crucial role in safeguarding our company's technology infrastructure, data assets, and overall security posture. Collaborating with cross-functional teams, including IT, security, and compliance, you will be responsible for assessing, analyzing, and mitigating technology-related risks while ensuring compliance with industry standards and best practices. You will work with the Technology & Operations team with a focus on Risk in Change and Data Governance.
Note: This role requires full-time onsite presence, 5 days a week, at our Sydney office.
Description
Key Accountabilities
Implement the compliance risk management framework and processes,
to support the operational risk management strategy.
Risk Assessment and Analysis:
- Conduct comprehensive risk assessments of technology systems, infrastructure, and processes to identify potential vulnerabilities and threats.
- Ensure the effectiveness of controls through control design development and periodic control testing.
- Analyze and evaluate existing controls, identify gaps, and make recommendations for risk mitigation strategies.
- Monitor and report on emerging technology risks and stay up to date with industry trends and best practices to proactively identify potential risks to the organization.
Compliance and Governance:
- Ensure technology systems and processes comply with applicable regulatory requirements and industry standards.
- Develop and maintain technology risk management frameworks, policies, and procedures to ensure adherence to risk management guidelines.
- Support internal and external audits by providing accurate and timely documentation and addressing findings related to technology risks.
Risk Mitigation and Remediation:
- Collaborate with cross-functional teams to develop and implement risk mitigation strategies, controls, and action plans.
- Provide guidance and support to technology teams to address identified risks and vulnerabilities.
- Track and monitor risk mitigation activities to ensure timely resolution of identified issues.
Incident Response and Business Continuity:
- Participate in technology & operational incident response activities, including investigating and analyzing security incidents, identifying root causes, and recommending remedial actions through to resolution.
- Contribute to the development and testing of technology-related business continuity and disaster recovery plans and Risk in Change (Delivered Risk).
- Coordinate with stakeholders to ensure effective communication and timely resolution of technology-related incidents.
Technical:
- Knowledge of technical infrastructure, networks, databases, and systems in relation to digital security and risk.
- Awareness of vulnerability management and security information event management technologies.
- Prior experience performing security reviews and risk assessments.
- Ability to work through issues, weigh up alternatives and identify the most effective solution.
Reporting and Communication:
- Prepare and present regular reports on technology risk assessments, trends, and mitigation efforts to senior management and stakeholders.
- Communicate complex technology risk concepts to non-technical audiences and provide guidance on risk management best practices.
- Collaborate with internal teams to develop and deliver training programs on technology risk awareness and mitigation.
Continuous Improvement:
- Identify opportunities for process enhancements and automation to streamline technology risk management practices.
- Stay abreast of emerging technology risks and industry advancements to continually improve risk assessment methodologies and tools.
- Contribute to the development and implementation of a risk-aware culture within Blueberry Markets.
Expectations
- Be an ambassador for Blueberry in the market; promote our interests and reputation.
- Follow our policies, procedures, and code of Ethics and Conduct.
- Protect our confidential information and intellectual property.
- Play an active role in your safety and the safety of others around you.
- Inspire confidence and urgency within the department and across the team for the delivery of timely, high-quality service to internal and external customers.
- Foster a culture of continuous improvement.
- Continuously drive agility and flexibility in responding to market and industry changes.
Skills And Experiences
Qualifications
- Bachelor’s degree in computer science, information systems or a related field.
Experience
- 5+ years risk management experience with a proven ability to engage and communicate complex IT security concepts with senior management and technical team to ensure the organisation's information assets are secured to a level commensurate with the value of those assets.
- Proficiency in technologies related to risk assessment and analysis, such as vulnerability scanning tools, network security tools, data loss prevention (DLP) solutions, and log analysis tools.
- Strong writing, interpretation, communication, and presentations skills.
- Knowledge of cloud computing, application security, network infrastructure,
and secure coding practices.
- Familiarity with industry-recognized risk management frameworks such as COSO (Committee of Sponsoring Organizations of the Treadway Commission), NIST Cybersecurity Framework, or ISO 31000 can be advantageous.
- Certified Information Security Manager (CISM)
Desirable
- Experience within the Financial Services, Banking or Trading industry
- Knowledge and experience of IT related legislation, policies, procedures, and systems within FX and Forex trading.
- Understanding and application of BCP, DR
- Recent experience gained in Risk in Change and Data Governance required.
- Highly adaptable with an appetite to work in a growing and changing environment.
Impress this employer describing Your skills and abilities, fill out the form below and leave Your personal touch in the presentation letter.