Technology Risk Specialist
At IAG, our purpose is to make your world a safer place. We are customer led and data driven and believe we have important responsibilities to enable the communities and people we service to be safer, stronger and more confident. In order to deliver on this purpose, we expect our people to demonstrate the IAG Spirit, take reasonable care for their Health & Safety and to celebrate and respect diversity in all its forms. About Us
At IAG, we believe that everyone has a unique point of view to share, shaped by their life experiences, cultures & passions. We celebrate and commit to:
#Proud to be me - we value difference, not sameness
#Together - harnessing our collective wisdom enables us to be our best for our customers & each other
#No boxes - it's not about labels, boxes or categories. It's about building a diverse and inclusive mindset into everything we do
IAG is the largest general insurance group in Australia and New Zealand. We own some of the region's most trusted brands, including NRMA Insurance, CGU, SGIO, SGIC and WFI. #CLOSER #BRAVER #FASTER The Role
The purpose of the role and unique contribution is to provide specialist 2nd line advice, oversight and challenge on digital and technology risk management practices across IAG. Supporting 2nd line Risk Advisors and other stakeholders to ensure IT risks are suitably identified and managed in a way which is aligned to required frameworks and standards. Key Responsibilities
Skills & Experience
- Provide independent specialist 2nd line oversight, challenge and advice to further mature and embed Technology/Operational Risk across the Group.
- Working collaboratively, consider and advise on digital and technology risk insights concerning group-wide exposures, risks concerning emerging technologies and industry trends
- Provide specialist advice on the design and operation of effective IT Risk controls and processes across the Group, ensuring alignment with approved Risk Appetite, including the development and maintenance of a consist set of controls and KRI's (& RAS metrics) across the Group.
- Undertake oversight, challenge and advise across the significant Risk Profiles and work working closely with risk colleagues to develop and present a Group view of digital and technology risks.
- Advise on, and continuously monitor risk uplift and technology control remediation activity.
- Challenge the status quo by identifying, recommending and implementing changes to simplify and enhance business processes.
- Highlight areas in which the state of internal technology controls, and control remediation activity is insufficient.
- Provide SME advice to key projects across IAG that have a material technology risk exposure as required by Risk Advisors.
- Provide Technology & Digital Risk insights/reports concerning Group-wide exposures relating to risk and control deficiencies, remediation activities, emerging technology risks industry trends.
- Oversight the 1st line embedment of the Technology Risk Framework and adequacy of the control environment ensuring risks are clearly articulated and documented and that an adequate control environment exists.
- Proactively drive the risk culture by provide the business with pragmatic, outcome-focused technology risk advice to assist them to achieve their objectives, within the risk appetite
- Minimum of 5+ years Financial Services experience
- Extensive skills and experience of technology risk management, include cyber security, minimum of 5+ years;
- Knowledge and experience in Risk Management or a related Risk discipline in first and/or second line roles.
- Experience and skills in a variety of technologies - 5+ years;
- An expert knowledge of IT governance, cyber, cloud risk, third party risk, IT service management, IT disaster recovery, data Up-to-date knowledge on the relevant prudential standards, governance and privacy.
- Excellent communication skills (verbal and written)
- Proven relationship/stakeholder management skills
- Demonstrated business acumen with the ability to translate risk theory into practical applicaton which supports uplift in risk maturity.
- Demonstrated ability to work collaboratively across broader groups to deliver desired outcomes.
- Building partnerships and working collaboratively with others to meet shared objectives
- Confidence in engaging senior business stakeholders, including technology leaders.
- Degree or post graduate qualification in digital, technology or business;
- Industry certification is desirable, e.g. CISM, CISSP, CRISC, CISA, ISACA.
- A broader range of experience that would provide additional value to the role
- Financial services (General insurance, Banking) industry experience - preferably large multi-jurisdiction/international and cross regulated organisations;
- Experience in Operational Risk, Compliance or Regulatory Assurance;
- Experience in Technology, Information, Cyber Risk management.
Start your career journey with us and click 'Apply'! Applicarions Close Decemember 13th
In addition to a diverse and inclusive culture, some of our benefits include 13% superannuation, 50% insurance discounts, flexible work and leave options, generous parental leave and return to work program, recognition and reward program, and various corporate partner discounts.
We encourage Aboriginal and Torres Strait Islanders to apply for this position.