Technology Risk Manager

As a Technology Risk Manager, you will play a crucial role in safeguarding our company's technology infrastructure, data assets, and overall security posture.

Collaborating with cross-functional teams, including IT, security, and compliance, you will be responsible for assessing, analyzing, and mitigating technology-related risks while ensuring compliance with industry standards and best practices.

You will work with the Technology & Operations team with a focus on Risk in Change and Data Governance.Note : This role requires full-time onsite presence, 5 days a week, at our Sydney office.

Job Description Key AccountabilitiesImplement the compliance risk management framework and processes, to support the operational risk management strategy.Risk Assessment and Analysis : Conduct comprehensive risk assessments of technology systems, infrastructure, and processes to identify potential vulnerabilities and threats.Ensure the effectiveness of controls through control design development and periodic control testing.Analyze and evaluate existing controls, identify gaps, and make recommendations for risk mitigation strategies.Monitor and report on emerging technology risks and stay up to date with industry trends and best practices to proactively identify potential risks to the organization.Compliance and Governance : Ensure technology systems and processes comply with applicable regulatory requirements and industry standards.Develop and maintain technology risk management frameworks, policies, and procedures to ensure adherence to risk management guidelines.Support internal and external audits by providing accurate and timely documentation and addressing findings related to technology risks.Risk Mitigation and Remediation : Collaborate with cross-functional teams to develop and implement risk mitigation strategies, controls, and action plans.Provide guidance and support to technology teams to address identified risks and vulnerabilities.Track and monitor risk mitigation activities to ensure timely resolution of identified issues.Incident Response and Business Continuity : Participate in technology & operational incident response activities, including investigating and analyzing security incidents, identifying root causes, and recommending remedial actions through to resolution.Contribute to the development and testing of technology-related business continuity and disaster recovery plans and Risk in Change (Delivered Risk).Coordinate with stakeholders to ensure effective communication and timely resolution of technology-related incidents.Technical : Knowledge of technical infrastructure, networks, databases, and systems in relation to digital security and risk.Awareness of vulnerability management and security information event management technologies.Prior experience performing security reviews and risk assessments.Ability to work through issues, weigh up alternatives and identify the most effective solution.Reporting and Communication : Prepare and present regular reports on technology risk assessments, trends, and mitigation efforts to senior management and stakeholders.Communicate complex technology risk concepts to non-technical audiences and provide guidance on risk management best practices.Collaborate with internal teams to develop and deliver training programs on technology risk awareness and mitigation.Identify opportunities for process enhancements and automation to streamline technology risk management practices.Stay abreast of emerging technology risks and industry advancements to continually improve risk assessment methodologies and tools.Contribute to the development and implementation of a risk-aware culture within Blueberry Markets.Be an ambassador for Blueberry in the market; promote our interests and reputation.Follow our policies, procedures, and code of Ethics and Conduct.Protect our confidential information and intellectual property.Play an active role in your safety and the safety of others around you.Inspire confidence and urgency within the department and across the team for the delivery of timely, high-quality service to internal and external customers.Foster a culture of continuous improvement.Continuously drive agility and flexibility in responding to market and industry changes.

Desired Skills and Experience QualificationsBachelor's degree in computer science, information systems or a related field.Experience5+ years risk management experience with a proven ability to engage and communicate complex IT security concepts with senior management and technical team to ensure the organisation's information assets are secured to a level commensurate with the value of those assets.Proficiency in technologies related to risk assessment and analysis, such as vulnerability scanning tools, network security tools, data loss prevention (DLP) solutions, and log analysis tools.Strong writing, interpretation, communication, and presentations skills.Knowledge of cloud computing, application security, network infrastructure, and secure coding practices.Familiarity with industry-recognized risk management frameworks such as COSO (Committee of Sponsoring Organizations of the Treadway Commission), NIST Cybersecurity Framework, or ISO 31000 can be advantageous.Certified Information Security Manager (CISM)Experience within the Financial Services, Banking or Trading industryKnowledge and experience of IT related legislation, policies, procedures, and systems within FX and Forex trading.Understanding and application of BCP, DRRecent experience gained in Risk in Change and Data Governance required.Highly adaptable with an appetite to work in a growing and changing environment.