IT Risk & Controls Specialist

IT Risk and Controls Specialist

Location: Sydney NSW 2000

Company: BGIS

Employment Type: Full Time

About the Role

We are seeking a motivated IT Risk & Compliance Specialist to strengthen our IT General Controls (ITGC) and Sarbanes-Oxley (SOX) compliance program across our APAC operations. This offers an excellent opportunity to develop expertise in cybersecurity information security frameworks and risk management while working alongside experienced security professionals in a dynamic environment serving multiple sectors.

In this role you will play a critical part in monitoring control effectiveness supporting internal and external audit activities and driving continuous improvement in our compliance posture.

Key Responsibilities

Compliance Monitoring & Control Testing

• Monitor and enforce adherence to internal IT policies and external regulatory requirements including SOX and ISO 27001
• Design review and execute IT control testing procedures to assess effectiveness and identify control gaps
• Maintain comprehensive documentation of control testing activities results and evidence for audit readiness
• Communicate audit observations control deficiencies and risk findings to stakeholders with clear actionable recommendations
• Develop and recommend corrective and preventive action plans that are practical cost-effective and aligned with business objectives
• Track remediation activities resulting from internal and external audit findings ensuring timely closure with appropriate evidence
• Collaborate with IT security and business teams to implement and maintain effective control environments
• Provide guidance and training to control owners on proper control execution documentation standards and testing methodologies
• Facilitate communication between technical and non-technical stakeholders to ensure shared understanding of compliance requirements
• Identify opportunities to streamline audit processes improve control automation and enhance compliance reporting
• Contribute to the development and maintenance of the IT risk register and compliance dashboard metrics
• Stay current with evolving regulatory requirements industry standards and audit best practices
• Support ad-hoc compliance projects and security initiatives as needed

What Were Looking For

Essential Experience

• 2+ years of experience in IT audit IT controls testing or information security compliance roles
• 2+ years of hands-on SOX compliance experience including Sarbanes-Oxley Section 404 ITGC testing
• Demonstrated experience with IT control frameworks such as SOXCOBIT COSO or ITIL
• Proven ability to conduct control walkthroughs design test procedures and document testing evidence
• Professional Skills
• High proficiency in Microsoft Excel Word and PowerPoint
• Excellent written and verbal communication skills with the ability to present complex technical concepts to diverse audiences

Qualifications

Required

• Bachelors degree in information systems Computer Science Accounting Information Security or related field

Certifications (Preferred or In Progress)

• Certified Information Systems Auditor (CISA)
• Certified Internal Auditor (CIA)
• ISO 27001 Lead Auditor (LA) or Lead Implementer (LI)
• CISSP CISM CRISC or other relevant cybersecurity certifications

Why Join BGIS

Key Benefits Include:

Spot recognition vouchers and $2000 employee referral bonus
Access to Flare for retailer utility and lifestyle discounts
Fitness Passport for you and your family
AFR Best Places to Work 2024 & 2025
Winner Inspiring Workplaces Award2025
WORK180 Employer of Choice for Women
WGEA Compliance Certification
2 paid volunteer days annually
Career mobility and internal progression pathways
Leadership development programs
Health & wellbeing support including EAP

BGIS is committed to fostering an inclusive workplace where diverse perspectives are welcomed and supported.

BGIS is an equal opportunity employer. We strongly encourage applications fromwomen Aboriginal and Torres Strait Islander peoples LGBTQIA individuals and people from culturally diverse backgrounds.