Cyber Risk and Governance Leader

Title: Cyber Governance and Risk Lead (Reporting to Group CISO)

An opportunity for a seasoned Cyber Risk and Governance leader looking for a new challenge.

Are you driven to leading transformative programs that shape an organisation’s cyber governance and risk landscape?

Do you like building and managing teams?

Does uplifting the maturity of a complex organisation interest you?

This role will be the leader of a GRC function that will drive everything from strategy, delivery, and communication across a business with the help of a team that will be hired by you. In this partly greenfield role, you will get to make huge change within a very established brand.

Company:

We are partnering with a leading Australian organisation that prides itself on being customer-focused and innovation-driven. Over the years, this company has experienced significant growth and investment in its cyber and risk team, with numerous cyber initiatives successfully implemented. As the organisation continues to evolve, there is a strong focus on building a robust second-line risk function.

Role Overview:

We are looking for a seasoned professional to take on a lead role, leading the Cyber Governance and Risk team. This strategic, hands-on position will involve building and refining risk frameworks, guiding the organisation through its cyber maturity journey, and leading transformative programs across multiple divisions. Reporting directly to the CISO, you will be a key member of the senior leadership team, providing continuous improvement to the board and senior management reporting.

This is a rare opportunity to shape the cyber governance and risk landscape of a large, complex, and rapidly evolving environment.

Key Responsibilities:

• Lead the cyber governance and risk function, helping to design and establish comprehensive risk frameworks and governance programs across the organisation.
• Oversee risk metrics and reporting, ensuring board-level insights are provided. Strong technical competence in cyber risk is essential, particularly in relation to frameworks (Like ISO, NIST, FAIR)
• Shape the strategic direction of cyber risk management, ensuring programs are well-designed, implemented, and aligned with the organiaation's overall objectives.
• Build strong relationships with key stakeholders, including the heads of security, senior executives, and cross-functional teams, to ensure seamless collaboration and communication.
• Lead a small, dynamic governance and risk team, while also providing virtual management across broader organisational initiatives. Act as a coach and mentor to other business units, fostering a culture of continuous learning and development.
• Lead initiatives involving mergers & acquisitions, artificial intelligence, and other cutting-edge technology risks, shaping the cyber governance and risk approach across a wide range of businesses.
• Ensure effective communication of risk strategies and decisions at the executive level, preparing reports and insights that help drive business decisions.

Experience Required:

• Minimum 8 years of experience in cyber risk management, governance, and technology risk.
• Experience in complex environments, ideally with a mix of enterprise and security consulting experience.
• Proven track record in designing and implementing risk management frameworks, with knowledge of methodologies.
• Strong communication and business acumen, with frequent interaction with senior stakeholders, board members, and technical teams.
• A keen interest in the evolving nature of governance and risk, with a passion for integrating emerging technologies into strategic plans.
• Familiarity with cyber risk metrics, board-level reporting, and regulatory requirements.

Why Join:

• Play a pivotal role in shaping the future of cyber governance and risk within a large Australian enterprise.
• Grow and build a new team, recruit, coach and mentor.
• A meaningful role. Contribute to high-impact projects that drive business growth and enhance risk management capabilities.
• Gain exposure to a wide range of industries, including mergers & acquisitions and AI, in a constantly evolving environment.

Location: Melbourne

Hybrid WFH Flexility: Hybrid working, 3 days in-office per week.

How to apply: Click apply or submit your CV to [email protected] for a 100% confidential, informal conversation where your privacy will absolutely be respected.

Decipher Bureau and the clients we partner with are committed to creating a diverse environment and are proud to be equal-opportunity employers. All qualified applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.