About the Role:
The role is based in Port Moresby and reports directly to the Head of Technology Governance. The successful incumbent is responsible for overseeing IT risk management, audit, and compliance functions within the Technology SBU. This role ensures that Technology operations, systems, and processes align with regulatory requirements, industry best practices, and internal policies.
Key Deliverables:
- Establish, implement, and maintain IT governance frameworks, ensuring alignment with industry standards (e.g., COBIT, ITIL).
- Develop and monitor IT policies, procedures, and control mechanisms to safeguard information assets.
- Drive continuous improvement in IT governance, risk, and compliance (GRC) processes.
- Provide strategic guidance to IT leadership on governance-related initiatives.
- Manage the identification, assessment, and mitigation of IT risks across applications, infrastructure, and operations.
- Provide oversight of the development and maintenance of an IT risk register, ensuring proactive risk identification and treatment.
- Conduct periodic risk assessments and recommend mitigation strategies.
- Collaborate with Operational Risk Management, the broader business and IT stakeholders to enhance risk awareness and response.
- Provide oversight in the management of IT audits (internal and external) by coordinating with auditors, responding to inquiries, and ensuring compliance with audit requirements.
- Implement controls to ensure IT operations meet regulatory and industry standards.
- Oversee the tracking of audit findings, ensure timely remediation, and report on compliance status.
- Collaborate with Information Security/cybersecurity teams to ensure security policies, frameworks, and controls are implemented effectively.
- Support incident management processes, ensuring risk-based responses to security breaches and IT disruptions.
- Advise senior leadership on IT governance, risk, and compliance matters.
- Provide regular risk and compliance reports to executive management and board committees.
- Engage with regulators, auditors, and third-party vendors on IT governance-related activities.
Essential Qualifications, Professional Skills & Experience:
- Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field.
- Deep understanding of IT controls, cybersecurity principles, and regulatory requirements.
- Strong analytical skills to assess risks, evaluate controls, and recommend solutions.
- Proven leadership experience with at least 5 years in a leadership role.
- 8+ years of experience in IT governance, risk management, compliance, or audit functions.
- Proficient in digital risk management & ITIL methodologies and tools.
- Excellent communication skills, able to clearly articulate complex technology risks to business stakeholders.
- Ability to lead cross-functional teams and drive governance improvements.
- Strong interpersonal skills and the ability to develop effective, trustworthy relationships with the Technology SBU and business stakeholders.
- Excellent problem-solving and self-management skills.
- Sound people management skills.
- Strong experience in managing IT audits and regulatory compliance.