It Risk And Compliance Analyst

Description:

Who we are and what we offer:
Interested in shaping skylines across the globe?
Multiplex is a premier construction company with a simple purpose: to construct a better future. As part of our team, you'll have the opportunity to help deliver some of the world's most iconic projects, supported by approachable leadership and an inclusive culture that puts our people first.
Supporting the business, Multiplex has a Global IT division with colleagues located across Australia, UAE, UK, and Canada working to an operating model based on the principles of Design, Build, Run, and Enable.
It's an exciting time to join the IT team at Multiplex as we pursue our strategy to modernise the business through digital technology. Alongside our Digital Transformation team, we are working on initiatives to leverage data and technology to improve the operational efficiency of our business. The Global IT division is committed to providing certainty of service and technology solutions that just work, ensuring the business is built to outperform.
With 110+ colleagues in the Multiplex Global IT division, we have roles across the full IT lifecycle from designing IT solutions, delivering change projects, to the business-as-usual running of our IT infrastructure, all while ensuring we are safe, secure and compliant.
You will also have access to a range of holistic benefits including:
* Bonus schemes, annual remuneration reviews and salary continuance insurance.
* Health and Wellbeing programs, including annual voluntary skin and health checks.
* Benefits to support parents and families, including 20 weeks paid parental leave regardless of gender, payment of superannuation on unpaid leave, and transition coaching.
* Professional career development opportunities and a wealth of learning offerings through the Multiplex Learning Academy.
* An industry-leading approach to flexible work to enable better work-life balance.
Who we're looking for:
Our people are united by a common belief: that we can outperform in everything we do.
Located in Sydney or Perth, the role of the IT Risk and Compliance Analyst is to help ensure that Multiplex's IT systems comply with legal and regulatory requirements, as well as internal policies and standards and will be instrumental in preparing for and supporting IT audits. This involves identifying and assessing risks related to IT systems and processes, developing and implementing controls to mitigate those risks, and monitoring and reporting on compliance with those controls. It also reviews and updates IT policies and identifies where additional policies are required. The role is key in ensuring that Multiplex's IT systems and processes are secure, compliant, and resilient to cyber threats and attacks.
As an experienced IT Risk and Compliance Analyst, the successful candidate will have strong attention to detail and excellent communication skills, including the ability to explain technical information to non-technical stakeholders and collaborate effectively with teams. With a passion for continuous learning and adaptability to stay up to date with the latest security threats, technologies, and best practices and with strong written and verbal communication skills, including the capacity to speak with business partners in an effective manner regarding IT risks. The successful candidate will also have:
*
Bachelor's Degree in relevant field e.g. Information Technology / Cybersecurity or equivalent experience and certifications e.g. CISA, SOC related certifications or training, ISO 27001 Lead Auditor, and CISSP
*
Strong knowledge of regulatory requirements and standards, such as GDPR, SOX, ISO 27001 and the NIST Cybersecurity Framework.
*
Understanding of risk assessment methodologies and the ability to identify and assess potential security risks and vulnerabilities in IT systems.
*
Experience with compliance assessments, audits, and reporting.
*
Comprehensive understanding of evaluating third-party SSAE 18 (SOC I / SOC II) reports and contracts to ensure that the third-party vendors and partners have effective internal control programs and identify any risks they might present.
*
Experience developing, implementing, and administering vendor/supplier security assessments.
A note on diversity:
Diversity is about celebrating the ways we are all different and appreciating the unique qualities that every employee brings. We invite applications from people of all genders, cultures and walks of life. Research shows that women and people from underrepresented groups are less like to apply for roles if they don't meet every qualification. So even if you don't match all the criteria - if you are passionate about helping to construct a better future, we'd love to hear from you.
We are committed to providing a barrier-free work environment and can support with reasonable adjustments at any stage of the recruitment process. Simply inform our Talent Acquisition team during your conversation with them.
#LI-JR1