Avant is Australia's leading medical defence organisation with a proud heritage of protecting Australian medical professionals for over 125 years.Avant now represents 80,000 health practitioners and medical students across every state and territory, delivering market leading products and services to meet their professional, personal and practice needs.
Building on this heritage, our vision is to be the most trusted professional partner in supporting doctors throughout their lives and careers.As a mutual organisation, owned by members and run purely for their benefit, our members are at the centre of all we do.
As well as providing products and services to our member, we play a broader community role by advocating for improvements in the healthcare system and in quality, safety and professionalism in medicine, through delivering education and research activities.About the RoleThe Technology Risk Manager is responsible for identifying, assessing, and managing risks associated with Avant's technology infrastructure, information security, operations, and projects.
This role ensures that effective risk management practices are integrated into the technology strategy and operations while aligning with Avant's overall risk management framework.The Technology Risk Manager plays a key role in collaborating with various technology and business stakeholders to mitigate risks, improve Technology controls, and ensure compliance with relevant regulatory standards.Key requirements:Demonstrate sound understanding of APRA regulations and standards in the Risk Management prudential framework, including CPS234, CPS230, CPS231.Develop and enhance Risk Frameworks: Contribute to implementing the Information Technology Risk Management Framework across the business, in addition to a common and centralised control methodology.Risk Culture and Practices: Work collaboratively across Information technology Senior Leadership, and within the Line 1 IT risk team, to embed risk management practices into everyday practices, promote a culture of innovation in risk management, embed controls, and monitor/report on issues.Risk Reporting and Analytics: Prepare and present regular risk reports, dashboards, and updates to senior management and risk committees.
Develop and maintain technology risk registers and ensure timely updates to risk management documentation.Controls Enhancement and Automation: Drive initiatives to simplify and automate technology risks and controls, monitoring, quality assurance and control self-assessments.Key accountabilities:Implement and maintain the guidelines, specifications, and processes for the execution of the Avant Mutual Group Risk Management Strategy.Manage operational risks within the business on a daily basis, including defining risk appetite and tolerances across key operational risks.Coordinate and complete risk profile reviews, including review of specific business risk assessment scenarios.Develop and coach business line team members in relation to contemporary Risk Management techniques based around ISO 31000 and the Avant Group Risk Management Framework and IT Risk Management Framework.Design and implement risk management tools as identified and agreed with management to enhance risk management outcomes within the business line.Input to development and implementation of the business line annual Business Plan from a risk perspective.Work closely with the Avant Group 2nd Line of Defence Risk and Compliance teams, to ensure consistently effective business risk management outcomes, and contributing to the ongoing enhancement of Risk Management practices and outcomes within the Avant Mutual Group.Maintain and take charge of professional development in conjunction with line manager.Participate in industry forums and professional groups.To be successful you will have:Relevant tertiary qualifications – Degree.Similar industry (preferably Insurance, Medical, Finance and or Legal area) experience.3-5+ years of experience in IT risk management, cybersecurity, technology audit, or related fields.Proven experience working in a highly regulated industry such as financial services, insurance, or healthcare, with an understanding how to deliver to APRA regulatory requirements CPS230, CPS231, CPS234 etc.Strong understanding of IT systems, networks, information security principles, and cloud technologies.Familiarity with risk frameworks and methodologies (e.g., ISO 31000, NIST, COBIT, ITIL etc).Certifications highly desirable but not mandatory: (CISA), (CISSP), (CRISC), (CISM) etc.Strong communication skills with the ability to engage and influence technology and business stakeholders at all levels.Highly professional attitude and to demonstrate how to influence technology co-ordination and remediation across teams.Analytical and problem-solving mindset with a focus on detail and accuracy.Ability to work in a dynamic environment with competing priorities.Proficiency in report writing and presenting risk findings to both technical and non-technical audiences.At Avant, our people are the centre of everything we do for our members.
We offer a range of benefits and opportunities to enable you to make a difference, learn, and grow in your career.We value our people by offering an inclusive workplace with a diverse range of benefits, flexible working options, career development, and internal mobility opportunities.
Our flexible working arrangements are designed to enable genuine work-life balance.Your development is our priority and we have a variety of learning and development programs that will support you in your career.We offer support to our people via Employee Assistance Program (EAP), Health and Wellbeing programs, Tertiary Education Sponsorship and Support.We have a diverse and connected work environment where your contribution and ideas will be valued and respected and make a real difference to the lives of others.For further information, please contact our Careers team at note: Avant Mutual is a vaccinated employer.
Prior to the commencement of your employment by Avant, you are required to be fully vaccinated against the Covid-19 virus or have a medical certificate stating that you cannot receive a Covid-19 vaccination for valid medical reasons.#J-18808-Ljbffr