Principal Technology Risk and Compliance

You already applied for this job.




Western Australia

Work type

Full Time

Job category


Date published

26 November 2019

Date closing

06 December 2019 at 00:00 GMT

About BHP

At BHP we support our people to grow, learn, develop their skills and reach their potential. With a global portfolio of operations, we offer a diverse and inclusive environment with extraordinary career opportunities.  Our strategy is to focus on creating a safe work environment where our employees feel strongly connected to our values and objectives, and where the capability of our people is key to our success. Come and be a part of this success.

About the role

As the Principal Technology Risk and Compliance, you will be responsible for all Technology risk, audit and regulatory compliance initiatives and key activities for the designated region or jurisdiction. You will support regional risk, audit and compliance activities and adherence to all relevant Global Level Document (GLD), policies and standards. You will develop and present reports that cover the risk profile of the region, overdue audit actions and compliance requirements. Reporting to the Manager, Technology Risk and Compliance, your accountabilities will include:

·         Leads all risk and compliance related initiatives and activities for Minerals Australia region.
·         Facilitates training and awareness activities to ensure Technology teams are familiar with the risk management framework, procedures and key activities that will need to be performed in line with the Our Requirements Risk Management Framework.
·         Actively participates in regional cybersecurity events and awareness sessions.
·         Works closely with the Risk Business Partners in the region to ensure Material Risk Evaluation (MRE) are completed on time and within the required standards.
·         Supports regional audit activities such as providing requested documents/information, coordination of testing activities and tracking status of management actions.
·         Works with project teams to conduct security assessments and identify gaps for remediation.
·         Presents key insights and themes to local leadership and management teams, specifically those that require actions and decisions.
·         Provides regular monitoring and reporting on the compliance status of all relevant regulatory obligations and determine potential non-compliance that will require actions or remediation activities.
·         Supports global initiatives and obtains needed data/information from region for overall consolidation.

About You

To be successful in the role, you will ideally have the following skills and experience:

·    Strong relevant industry experience (Mining, Resources, Banking or Telco) in domain areas (Enterprise and Operational Risk Management, Cybersecurity, Service Management, Auditing and Advisory/Consulting).
·    Knowledge and experience using Governance, Risk and Compliance Tools such as 1SAPGRC, Oracle GRC, RSA Archer etc.
·    Knowledge and experience of Technology processes, systems and tools.
·    Experience performing roles across the three lines of defence as well as hands on operational role.
·    A Technical Degree is mandatory in Computer Science, Technology, Engineering, or Management Information Systems.
·    CISSP, CISA or CRISC certification (or equivalent in other domain).
·    Excellent communication skills and stakeholder management skills.
·    Spanish language expertise would be an advantage.

Supporting a diverse workforce

At BHP, we recognise that we are strengthened by diversity. We are committed to providing a work environment in which everyone is included, treated fairly and with respect. We are an Equal Opportunity employer and we encourage applications from women and Indigenous people. We know there are many aspects of our employees’ lives that are important, and work is only one of these, so we offer benefits to enable your work to fit with your life.  These benefits include flexible working options, a generous paid parental leave policy, other extended leave entitlements and parent rooms.  
Loading the player...