Senior IT Governance Risk Analyst

Job Description

The Senior IT Governance Risk Analyst is responsible for ensuring the effective implementation, monitoring, and continuous improvement of IT governance processes, risk management and controls across the organisation. This role will provide expertise in the ITIL framework, with a specific focus on Risk frameworks. The team The role is a member of the APRA Technology & Data division (T&D) reporting to the IT Governance Manager. The Technology and Data Division supports APRA with frameworks, technology and systems that support APRA’s data and technology operations and its mandate to help protect the Australian community through data enabled decision making. Key responsibilities Establish and implement IT controls based on the Risk Framework (ISO, ISM, E8, ITIL, COBIT, NIST etc) and ensure they are aligned with security and organizational policies and regulatory requirements; Create a Vulnerability management process, monitor and report on open vulnerabilities and track remediation; Collaborate with internal stakeholders to assess, monitor, and improve IT control effectiveness and ensure compliance with established standards; Perform regular reviews, audits, and assessments to ensure IT governance practices meet relevant standards; Work with risk and compliance teams to ensure that identified gaps in controls are addressed and mitigated; Provide in-depth expertise in the application of the ITIL framework; Review existing processes and create a plan for improvement around them; Continuously monitor the effectiveness of governance processes, IT controls, and compliance activities, including tracking key performance indicators (KPIs) and risk metrics; Generate reports on the compliance of E8 control measurement for management; Liaise with cross-functional teams, including IT, Security, Risk, Audit & Compliance, to ensure that IT governance and control processes are integrated across the organization; Educate and train stakeholders on IT governance processes, the importance of Security & Risk management and Risk framework requirements. About you Expertise in Information Technology, Computer Science, or a related field; 5+ years and demonstrated experience in IT governance, risk management, or IT operations with a focus on ITIL-based processes; Strong understanding of Information Security, infrastructure, network design, implementation, and maintenance; Experience with Risk Framework (ISO, ISM, E8, ITIL, COBIT, NIST etc.), and ability to establish and monitor IT controls based on governance guidelines; Strong analytical skills and the ability to generate insights from metrics and reporting; Excellent communication and interpersonal skills with the ability to collaborate effectively across different teams and departments. To work with us, you need to be an Australian citizen with eligibility to gain a Baseline Security clearance. About APRA The Australian Prudential Regulation Authority (APRA) places you at the heart of Australia’s financial services industry. APRA serves the Australian community by helping ensure financial institutions deliver on the financial commitments they make, within a stable, efficient and competitive financial system. At APRA we’re committed to providing an inclusive workplace where everyone belongs, feels valued and respected. We aspire to attract and foster diversity of background, thought, and experience, recognising that a broad range of perspectives, approaches and ideas makes us stronger, and better enables us to meet our obligation to protect the financial wellbeing of the Australian community. The Australian Prudential Regulation Authority (APRA) is the prudential regulator of the financial services industry. It oversees banks, credit unions, building societies, general insurance and reinsurance companies, life insurance, private health insurers, friendly societies, and most members of the superannuation industry. APRA currently supervises institutions holding $6 trillion in assets for Australian depositors, policyholders and superannuation fund members. APRA invests in contemporary technologies to enable our employees to achieve work life balance, via flexible working practices. We are dedicated to cultivating a diverse and inclusive workplace that fosters collaboration and continuous improvement. APRA provides ongoing studies support, structured training programs and excellent career progression opportunities all within a highly professional environment. APRA is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, age, or disability status. To apply, please visit our Careers Page at . For further information or assistance, please email . Please do not apply to this email address. #J-18808-Ljbffr