IT Risk And Assurance Manager

Just imagine your future with us…

At Aurecon we see the future through a very different lens. Do you?

Innovation, eminence and digital are at the heart of everything we do. Are you excited about the future?

Are you driven by the opportunity to work on some of the most challenging and complex projects around the world and to learn from the best? We are.

Diversity is at the core of everything we do. We work together to create a culture based on respect, trust and inclusiveness. Our differences are what fuel our creativity.

The core purpose of the IT Risk and Assurance Manager role is to proactively identify and manage a known and acceptable level of risk across all Aurecon Technology functions and to support information security assurance across critical technology services. This role will use their expertise to lead, develop, implement, enhance and continually evaluate how the organisation recognises and addresses IT risk and maintain compliance with Aurecon's ISMS and relevant security frameworks i.e ISO 27001:2022, Essential 8 and NIST CSF 2.0.

What will you do?

We know the work we do is vital in assisting Aurecon's business globally. Here are the key things you will do to 'bring ideas to life'.

• Managing an IT Risk Management framework which integrates with our Aurecon Enterprise Risk Framework
• Proactively identifying and managing risk across all Aurecon technology functions via risk assessment, risk remediation/acceptance and risk communication to key stakeholders
• Managing and conducting IT and cyber security audits/ reviews associated with acquisitions, vendors, technology and services
• Provide disaster recovery planning and support for IT services
• Provide assurance to ensure security controls and practices for key processes are well-designed, implemented, and operating effectively Manage supply chain security review processes to ensure vendor risks are identified and addressed
• Maintain ISO 27001 certification, drive implementation of Essential 8 maturity and align NIST CSF 2.0 across Aurecon operations
• Manage an information security Risk and Assurance team and delegate where required to carry out responsibilities

Firstly, strong sense of responsibility, flexibility, and adaptability to varying request. Demonstrate excellent time management and organizational skills. And as part of a new team, you will have the opportunity to shape this role and have input into how we evolve it over time to WOW our employees and make an even bigger impact on the world.

You will also need the following capabilities:

Qualifications (Required)

• Tertiary qualification in Information Systems, Computer Science or related discipline
• At least 10+ years of experience in IT Risk and Assurance/Audit
• Minimum of 5+ years of People Management experience
• Experience with Enterprise risk frameworks and standards
• Experience with Information Security framework and standards

At Aurecon, we know every career adventure is unique. That's why our benefits are designed to support you and your family - at every stage.

• Flexibility - 1x every fortnight reporting in the office
• Wellbeing - we priorities your health
• Recognition - your impact matters
• Family - support for modern families and carers
• Community - give back through volunteering days
• Career development - learn, lead and shape your career

Our Aurecon Attributes describe the types of people we bring together for clients. We don't expect you to have all eight of the attributes, but one that is unique to you.

Finally, we value that each of our team members brings something different to Aurecon. We look for people who have had a broad range of experiences throughout their career and can demonstrate how they have worked as part of a team to bring ideas to life. Does that sound like you?

About us

We've re-imagined engineering.

Aurecon is an engineering and infrastructure advisory company, but not as you know it!

For a start, our clients' ideas drive what we do. Drawing on our deep pool of expertise, we co-create innovative solutions with our clients to some of the world's most complex challenges. And through a range of unique creative processes and skills, we work to re-imagine, shape and design a better future.

We listen deeply and intently, which helps us see opportunities, possibilities and potential that others can't. Think engineering. Think again.

Want to know more?

You can learn more about what it's like to work at Aurecon by visiting the careers section of our website.

If you are intrigued or excited by what you have read, then we want to hear from you. Apply now!