Enterprise Risk and Assurance Manager

Introduction 

The Pepperstone story started in 2010. We know what it’s like to trade the world’s markets. Our team describes us as a place for the curious and the driven, and we like to do things a little differently; as a transformative global fintech we’re digital, nimble, connected, and united in our vision to create a better way to trade. 
 
We thrive on progress – for our clients and for ourselves. Our organisational culture is ever-evolving, vibrant, diverse, global and results focused. 
 
You’ll find our 550+ team currently across 11 locations and 9 time zones. 

The Role

The Risk Manager plays a pivotal role in supporting the strategic delivery of Pepperstone’s enterprise-wide risk and assurance agenda. Reporting to the Global Head of Risk and Assurance, this role leads key initiatives across enterprise risk, audit planning, business continuity, and ICT risk management. As a trusted advisor uplifting risk maturity, the Risk Manager delivers the actions outlined in the Risk strategy and champions the implementation the GRC tool. The role also leads cross-functional engagement on criticalincidents and issues. With exposure across global operations, this position is suited to a highly motivated professional who thrives in a fast-paced, agile environment and is passionate about enhancing risk maturity and resilience at scale

As our Risk Manager, your key responsibilities include, but may not be limited to: 

Enterprise Risk Management

• Lead initiatives to embed enterprise risk frameworks aligned with Pepperstone’s risk appetite and delegation framework
• Drive improvements in risk reporting, analytics, and visualisation to support decision-making
• Support the operationalisation of risk appetite statements and guide risk owners in embedding controls into business processes
• Champion the integration of the GRC platform and contribute to system optimisation efforts

Assurance and Control Testing

• Lead the delivery of assurance activities including RCSA (risk control self-assessments), walkthroughs across Lines 1 and 2, and control testing
• Use data insights to identify control gaps and improvement opportunities, collaborating with control owners to implement enhancements
• Guide stakeholders on effective control design and foster a culture of continuous improvement

Audit Planning and Remediation

• Assist in scoping the annual audit plans in line with enterprise risks and business priorities across licenses and entities
• Support coordination of internal and external audit engagements, ensuring timely information flow between business units and auditors
• Track audit actions and drive remediation plans with stakeholders

Business Continuity Planning (BCP)

• Lead the update of Business Impact Analyses (BIA) and the implementation of business continuity testing
• Support documentation and training programs to ensure readiness across global functions
• Collaborate with business units/teams to assess disaster recovery capabilities and test outcomes

ICT Risk

• Collaborate with IT, Cybersecurity, and Compliance to strengthen ICT risk monitoring and enhance third-party risk management practices
• Support key risk reviews, coordinate penetration testing, and contribute to cybersecurity control enhancements
• Maintain oversight of ICT risk indicators and associated risk treatment plans

Incident and Issue Management

• Lead cross-functional business process incident reviews, ensuring swift resolution and clear post-incident analysis
• Promote a lessons-learned culture by helping teams identify root causes and implement preventative measures
• Maintain oversight of the issue register and contribute to reporting on emerging risks and systemic themes

Audit and Risk Committee Secretary

• Assist in preparing board and committee reports, particularly for the Audit and Risk Committee
• Draft meeting minutes for committee approval and regulatory engagements
• Track actions and activities arising from committee meetings to ensure progress and delivery of outcomes

About You

• Degree-qualified in Business, Finance, Risk, IT, or a related discipline
• Professional certifications such as CRISC, CISA, or equivalent are desirable
• 6–10 years of experience across enterprise risk, operational risk, or internal audit, preferably within financial services
• Exposure to GRC platforms and experience supporting system rollouts or enhancements
• Strong understanding of ICT and cyber risks, and associated control environments
• Experience in coordinating business continuity and operational resilience programs
• Collaborative mindset with demonstrated ability to influence across departments and regions
• Structured thinker with strong written and verbal communication skills
• Highly adaptable and able to manage multiple priorities in a fast-paced environment
• Commercially savvy with a solutions-oriented approach
• Curious, proactive, and committed to continuous learning and improvement
• Strong integrity and alignment with Pepperstone’s values
• Experience working in financial markets or the retail OTC derivatives industry (desirable)
• Experience working across geographies and time zones (desirable)

Why you will enjoy working with us

• Competitive salary structure including company bonus scheme 

• Genuinely collaborative and friendly culture 

• Flexible and hybrid working 

• Remote working option - work from anywhere for up to 6 weeks per year, in addition to hybrid working as standard 

• Ongoing personal development & learning opportunities 

• 15 weeks paid primary carers parental leave & 4 weeks paid secondary carers leave 

• 3 paid volunteering days per year & Workplace Giving Program 

• Frequent events and celebrations including a standard weekly social 

• Beautifully renovated large office at Collins Square - 727 Collins Street, Melbourne 

• Best in class end of trip facilities including bicycle parking, change rooms & showers 

• A full stocked kitchen, onsite coffee machines with locally sourced coffee beans (this is Melbourne after all) and curated specialty teas 

More About Pepperstone  

We’re a regulated online Forex and CFD trading platform. With the scale of a global fintech and the agility of a start-up, we arm our clients with everything they need to take on the global markets with confidence. You will be part of a wider passionate and friendly team, and whilst things may not always go to plan, we learn quickly and move forward with impact. To learn even more visit Pepperstonecareers and www.linkedin.com/company/pepperstone/ 

We understand it’s important to do due diligence on a prospective employer, see what our team are saying on Glassdoor. We respect our team members’ experiences and will never pay to remove a negative review. 

Pepperstone is an equal opportunity employer. We are passionate about building a diverse workplace and strongly encourage applications from any background. 

“We are a 2025 Circle Back Initiative Employer – we respond to every applicant”. 

We will be reviewing applications as they come through, so if this is an opportunity that excites you, don't wait. Express your interest by clicking the apply button below as soon as possible. 

Note to external agencies: While we appreciate the efforts of external recruitment agencies, we prefer to engage directly with applicants for this opportunity. 

#Li-Hybrid