ASX: Powering Australias financial markets

Why join the ASX

When you join ASX youre joining a company with a strong purpose to power a stronger economic future by enabling a fair and dynamic marketplace for all.

In your new role youll be part of a leading global securities exchange with a strong brand. We are known for being a trusted market operator and an exciting data hub.

Want to know why we are a great place to work click on the link to learn more.

are more than a securities exchange!

The ASX team brings together talented people from a diverse range of disciplines.

We run critical market infrastructure with 1 in 3 people employed within technology. Yet we have a unique complexity of roles across a range of disciplines such as operations program delivery financial products investor engagement risk and compliance.

Were proud to foster a workplace where diversity is celebrated and inclusion is part of our everyday culture. Our employee-led networks champion LGBTIQ inclusion promote gender equality accessibility and wellbeing inspire giving and volunteering and celebrate cultural and religious events creating a sense of belonging for all. As an AWEI Bronze employer and member of the Champions of Change Coalition for gender equality were committed to a fair and inclusive workplace where everyone can thrive.

Key purpose of the role:

Act as the senior Line 1 owner of technology risk enablement and controls for ASX translating enterprise risk frameworks into a coherent technology risk taxonomy control environment and assessment approach that supports scalable risk management assurance and regulatory outcomes.

Your Team

The Technology Risk Business Management & Strategy function supports the ASX Technology division across technology risk governance planning and operatingrhythm activities. The function enables Technology leaders to manage risk meet regulatory and assurance expectations and maintain effective governance and performance disciplines.

Your responsibilities

• Own and lead the Line 1 technology risk and controls enablement capability determining how enterprise risk & compliance frameworks are translated into practical scalable and ASX Technology divisional as well as technology and cyber risk specific approaches.
• Design evolve and govern the technology and cyber risk ecosystem of taxonomies metrics control frameworks policies and assessment approaches ensuring they are and remain coherent usable aligned to internal and external expectations and informed by best practice.
• Develop new risk and control approaches where gaps exist including defining trade-state practices implementation plans guidance and transition pathways in alignment to enterprise risks and compliance to uplift maturity.
• Own the ITGC library including maintaining artefacts facilitating changes coordinating control rollout and assurance activities.
• Evolve integrated IT system-level risk reporting towards data driven outputs considering risk maturity.
• Provide authoritative Line 1 input into enterprise frameworks such as risk & compliance as well as criticality tiering methodologies ensuring divisional as well as technology and cyber risk considerations are accurately reflected and grounded in operational reality.
• Lead the development of guidance playbooks and education for the division and for technology and cyber risk across the enterprise lifting understanding and capability so risk and controls are embedded into day-to-day technology delivery and operations.
• Drive continual uplift of the technology risk ecosystem through simplification standardisation automation and clear ownership.
• Lead coach and support a team of risk practitioners in an environment with competing priorities and elevated risk exposure building autonomy reducing single-point dependencies and progressively uplifting risk maturity through practical simplification and standardisation.

Your experience and qualifications

Must have

• Significant experience in technology risk and/or compliance roles (Line 1 Line 2 or Line 3) with the credibility and judgement to operate autonomously in a senior Line 1 leadership capacity.
• Demonstrated ability to translate enterprise risk standards and frameworks into fit-for-purpose technology practices and to operationalise and embed them consistently across complex environments.
• Strong technology and cyber risk expertise with sufficient technical depth to engage credibly with SMEs such as engineers and cyber practitioners and to design practical risk and control approaches grounded in operational reality.
• Proven capability to develop own and evolve risk and control artefacts (e.g. taxonomies libraries assessment approaches) maintaining coherence usability and scalability as the environment changes.
• Demonstrated ability to exercise sound risk judgement at system level including determining what good looks like at scale making trade-offs incorporating feedback and adapting approaches to enable consistency and usability.
• Strong leadership capability in ambiguous and evolving environments including structuring work setting direction prioritising effort and driving outcomes without reliance on established templates or structures.
• People leadership capability demonstrated through direct indirect or matrix leadership including coaching and developing experienced practitioners and building confidence judgment and autonomy in others.

Nice to have

• Experience operating in regulated critical or high-reliability environments where technology and cyber risk scrutiny is elevated.
• Risk-related certification (CISA CISSP etc.) or equivalent professional standing.
• Familiarity with recognised technology and risk frameworks such as NIST ITIL COSO.
• Exposure to emerging technology risk areas such as AI cloud at scale continuous deployment.

We make hiring decisions based on your skills capabilities and experience and how youll help us to live our values. We encourage you to apply even if you dont meet all the criteria of this role.

If you need any adjustments during the application or interview process to help you present your best self please let us know at

At ASX Group our diverse workforce is essential to build and maintain a fair and dynamic marketplace. We support flexible working and offer hybrid working options. Even if our roles are advertised as full-time we encourage you to apply if you are interested in part-time or other flexible working arrangements.

We will arrange for successful candidates to have background checks including reference and police checks completed as part of the on-boarding process.

To be considered for this position candidates must be legally authorised to work in Australia on a permanent basis without any restrictions.