Technology Assurance Risk Compliance Lead

About the role

As the Technology Assurance Risk & Compliance Lead you will beresponsible for the management and delivery of the ISMS across NHVR with consideration of technology risks associated to Cyber Security. Leading the Technology Assurance Risk & Compliance team you will help to grow a security aware culture across the regulator while ensuring that appropriate risk management considerations are applied.

Reporting to the Director Technology Commercial & Assurance you will solve complex problems and balance getting innovative business solutions to market whilst managing risk. You will ensure the NHVRs vendor ecosystem is properly evaluated assessed and managed to minimise risk exposure and risk impacts to the business.

Key responsibilities of this role are:

• Supervise the Cyber Technology Governance processes to ensure that NHVRs enterprisewide security program responds appropriately to the changing threat environment and external obligations
• Ensure the Technology Assurance Risk and Compliance (GRC) system is designed and operating effectively empowering the user experience and moving the organisation towards a more dynamic automated and data driven assessment of risk
• Determine plan and build a Technology GRC team ensuring that capability and resource is applied effectively to manage NHVRs Information Security Risk position
• Provide advice and leadership in relation to the NHVRs risk profile emerging risks and better practice risk and compliance management with a particular focus on technology and cyber risks
• Proactively manage Cyber Security Risk and ensure that ongoing issues are identified and resolved and/or projects are planned to correct underlying issues
• Produce and deliver regular reporting through to the Director Governance Risk and Assurance on NHVRs Cyber Security Risk position for consumption by the Executive Leadership Team Audit & Risk Committee and Internal Audit
• Lead compliance reporting and audit processes as required
• Own relationships with cyber security IT partners with the support of Procurement

About You

• 5 years experience within Information Security roles
• Experience in designing and implementing Information security programs policies and procedures in enterprise environments
• Knowledge of Information Security frameworks and standards including ISO 27001 NIST ASD Essential 8
• Experience managing and running a robust Vendor Security Risk Assessment process using SIG templates
• Strong interpersonal and people management skills to build effective sustainable relationships

Why join us

The National Heavy Vehicle Regulator (NHVR) commenced operations in 2013 as the national entity responsible for regulating all vehicles in Australia over 4.5 tonnes gross vehicle mass. The NHVR minimises the compliance burden on the heavy vehicle transport industry reduces duplication and inconsistences across state and territory borders and ultimately for the heavy vehicle business with government in Australia.

We are headquartered in Brisbane and employ more than 1000 people across the ACT New South Wales Queensland South Australia Tasmania and Victoria.

We offer

• A competitive salary package of $141018 superannuation
• Monthly RDO and paid leave over Christmas closure
• Hybrid working environment up to 2 days from home
• Up to14.5 superannuation through a cocontribution scheme
• Leave loading 17.5
• Wellbeing programs discounted fitness through Fitness Passport Discount health insurance flu vaccine financial programs including discounted banking products finance information sessions
• Salary packaging options including novated lease
• Discounted IT products including Microsoft and free family password security plan
• Ongoing training and professional development support
• Professional membership

Application Process

Please apply with your CV and cover letter addressing the essential requirements of the role.

Applications close: Friday 25^th April 2025 at 5:00 PM applications may close earlier than the listed closing date if suitable candidate/s are identified prior).

If you have any questions please dont hesitate to contact the NHVR recruitment team on .

Successful applicants will be required to complete standard preemployment checks including a national police and work rights check.

Please Note: We will not require any support from Recruitment Agencies at this time and kindly request no contact is made. Only direct applications will be considered.

We are committed to being an inclusive diverse and flexible workplace where differences are welcome applications from people of all backgrounds experience and abilities.