IT Risk & Compliance Manager

About us

At Officeworks we make bigger things happen. Our customers, our team, and our community are our heart and soul. And if our brilliant people have taught us anything, it is that we can do all kinds of incredible things, each and every day.

Fast paced. Innovative. Inspiring. With close to 10000 team members and a national footprint of more than 168 retail stores Australia wide – we’re focused on delivering a wide range, low price and great service. We’re about inspiring new ideas and thinking outside the box. We’re about kicking goals, having a laugh and pushing each other. We are about being rewarded and supported. We’re about teaching a customer something new and supporting the community. We’re about making a difference.

About the role

As the IT Security Risk and Compliance Manager, you'll be responsible for guiding the GRC team in the delivery of security governance, risk and compliance activities. Managing reporting to governance forums, guiding 3rd party risk activities, ensuring compliance activities have been performed, undertaking risk assessments and maintaining our information security policies are regular activities. You will also support the creation of a security-focused culture and contribute to the overall security strategy. 

Key Responsibilities: 

• Lead IT Risk Management: Develop and manage cyber risk frameworks and maintain the Officeworks cyber risk register, conduct risk assessments and follow-up risk mitigation activities. 
• Compliance Oversight: Ensure compliance activities involved with key regulations such as PCI-DSS and Privacy Act and being regularly conducted 
• Third Party Risk: Oversight the third-party risk assessment process and assist the team finalise assessments. 
• Audit & Risk Reporting: Facilitate Audits and Assessments, monitor and report on audit findings, and remediation activities. 
• Security Reporting: Collate and edit regular reporting to senior management and governance forums on the status of security in Officeworks. 
• Quality Assurance: Ensure that IT risks are managed in line with Officeworks' policies and industry best practices. 
• Leadership & Culture: Lead a security team, promote a positive security culture, contribute to change initiatives. 
• Cost Management: Ensure IT services are delivered within budget, while identifying opportunities for cost efficiency. 

About you

Education & Certifications: 

• Tertiary qualifications in Computer Science, Cyber Security or relevant field 
• Relevant industry certifications such as CISSP or CISM 

Experience: 

• 5+ years of IT Security experience, ideally within the retail sector 
• Experience working and presenting to senior business leaders 
• Expertise in IT risk management frameworks and security control frameworks (ISO, NIST) 
• Experience in leading teams 

Skills & Attributes: 

• Strong communication, presentation, and stakeholder engagement skills 
• Aptitude to lead, guide and develop team members reporting to you 
• Ability to translate technical security information into business-friendly language 
• Experience in influencing senior stakeholders and resolving conflicts 
• A pragmatic approach to balancing technical security needs with business objectives 
• High integrity, attention to detail, and strong teamwork abilities 

Our culture

It’s all in a day’s work when you’re part of the Officeworks community – where you’re not defined by who you are, but what you can do. We celebrate our teams’ uniqueness by offering the below to the Officeworks family:

• An inclusive, diverse, and supportive environment.
• Flexible working arrangements to best support your individual needs.
• A key focus on wellbeing and safety.
• Generous discounts at Officeworks, Bunnings, Kmart, Target and Catch.
• Ongoing training and development opportunities to progress your career.
• Industry leading Growing Families policy.

At Officeworks, we operate best when our team represents the communities we serve. We proudly commit to providing a safe and supportive work environment for everyone. We actively encourage applications from all candidates, including Aboriginal and Torres Strait Islander peoples, the LGBTQI+ community and people with disabilities.

Officeworks is a ‘Circle Back Initiative’ employer – we commit to respond to every applicant. #LI-MS and #LI-Hybrid