IT Risk & Controls Specialist
Location: This role is open to applicants across Australia
Company: BGIS
Employment Type: Full Time
We are seeking a highly capable IT Risk & Compliance Specialist to strengthen and take ownership of our IT General Controls (ITGC) and Sarbanes-Oxley (SOX) compliance program across our APAC operations. This role requires an individual who can independently run and manage the SOX compliance and ITGC testing function at BGIS, ensuring a robust and sustainable control environment.
This is a critical, stakeholder-facing position that works closely with senior leadership, external auditors, and cross-functional teams. You will play a key role in driving compliance outcomes, influencing control owners, and ensuring clear, effective communication of risk and control matters.
In this role, you will monitor control effectiveness, lead audit engagement activities, and drive continuous improvement in our compliance posture while operating with a high degree of autonomy.
Key Responsibilities
Compliance Monitoring & Control Testing
- Monitor and enforce adherence to internal IT policies and external regulatory requirements including SOX and ISO 27001
- Design, review, and execute IT control testing procedures to assess effectiveness and identify control gaps
- Maintain comprehensive documentation of control testing activities, results, and evidence for audit readiness
- Communicate audit observations, control deficiencies, and risk findings to stakeholders with clear, actionable recommendations
- Develop and recommend corrective and preventive action plans that are practical, cost-effective, and aligned with business objectives
- Track remediation activities resulting from internal and external audit findings, ensuring timely closure with appropriate evidence
- Collaborate with IT, security, and business teams to implement and maintain effective control environments
- Provide guidance and training to control owners on proper control execution, documentation standards, and testing methodologies
- Facilitate communication between technical and non-technical stakeholders to ensure shared understanding of compliance requirements
- Identify opportunities to streamline audit processes, improve control automation, and enhance compliance reporting
- Contribute to the development and maintenance of the IT risk register and compliance dashboard metrics
- Stay current with evolving regulatory requirements, industry standards, and audit best practices
- Support ad-hoc compliance projects and security initiatives as needed
Essential Experience
- 3+ years of experience in IT audit, IT controls testing, or information security compliance roles
- Strong, hands-on experience with SOX compliance, including Sarbanes-Oxley Section 404 ITGC testing
- Proven ability to independently lead and own SOX compliance and ITGC testing activities end-to-end
- Demonstrated experience with IT control frameworks such as SOX, COBIT, COSO, or ITIL
- Proven ability to conduct control walkthroughs, design test procedures, and document testing evidence
Stakeholder & Communication Capability
- Strong stakeholder management experience, with the ability to confidently engage and influence senior leadership, external auditors, and cross-functional teams
- Excellent written and verbal communication skills, including the ability to translate technical concepts into clear business language
- Experience preparing and delivering clear, concise reporting on risk, controls, and compliance outcomes
Technical & Professional Skills
- High proficiency in Microsoft Excel, Word, and PowerPoint
- Strong analytical skills with attention to detail and a proactive approach to problem-solving
Required
- Bachelor's degree in Information Systems, Computer Science, Accounting, Information Security, or related field
Certifications (Preferred or In Progress)
- Certified Information Systems Auditor (CISA)
- Certified Internal Auditor (CIA)
- ISO 27001 Lead Auditor (LA) or Lead Implementer (LI)
- CISSP, CISM, CRISC, or other relevant cybersecurity certifications
Key Benefits Include:
- Spot recognition vouchers and $2,000 employee referral bonus
- Access to Flare for retailer, utility and lifestyle discounts
- Fitness Passport for you and your family
- AFR Best Places to Work 2024 & 2025
- Winner - Inspiring Workplaces Award 2025
- WORK180 Employer of Choice for Women
- WGEA Compliance Certification
- 2 paid volunteer days annually
- Career mobility and internal progression pathways
- Leadership development programs
- Health & wellbeing support including EAP
BGIS is committed to fostering an inclusive workplace where diverse perspectives are welcomed and supported.
BGIS is an equal opportunity employer. We strongly encourage applications from women, Aboriginal and Torres Strait Islander peoples, LGBTQIA+ individuals and people from culturally diverse backgrounds.