Job Description

IT Risk and Controls Specialist

Location: Sydney, NSW 2000

Company: BGIS

Employment Type: Full Time

About the Role

We are seeking a motivated IT Risk & Compliance Specialist to strengthen our IT General Controls (ITGC) and Sarbanes-Oxley (SOX) compliance program across our APAC operations. This offers an excellent opportunity to develop expertise in cybersecurity, information security frameworks, and risk management while working alongside experienced security professionals in a dynamic environment serving multiple sectors.

In this role, you will play a critical part in monitoring control effectiveness, supporting internal and external audit activities, and driving continuous improvement in our compliance posture.

Key Responsibilities

Compliance Monitoring & Control Testing

• Monitor and enforce adherence to internal IT policies and external regulatory requirements including SOX and ISO 27001
• Design, review, and execute IT control testing procedures to assess effectiveness and identify control gaps
• Maintain comprehensive documentation of control testing activities, results, and evidence for audit readiness
• Communicate audit observations, control deficiencies, and risk findings to stakeholders with clear, actionable recommendations
• Develop and recommend corrective and preventive action plans that are practical, cost-effective, and aligned with business objectives
• Track remediation activities resulting from internal and external audit findings, ensuring timely closure with appropriate evidence
• Collaborate with IT, security, and business teams to implement and maintain effective control environments
• Provide guidance and training to control owners on proper control execution, documentation standards, and testing methodologies
• Facilitate communication between technical and non-technical stakeholders to ensure shared understanding of compliance requirements
• Identify opportunities to streamline audit processes, improve control automation, and enhance compliance reporting
• Contribute to the development and maintenance of the IT risk register and compliance dashboard metrics
• Stay current with evolving regulatory requirements, industry standards, and audit best practices
• Support ad-hoc compliance projects and security initiatives as needed

What We're Looking For

Essential Experience

• 2+ years of experience in IT audit, IT controls testing, or information security compliance roles
• 2+ years of hands-on SOX compliance experience, including Sarbanes-Oxley Section 404 ITGC testing
• Demonstrated experience with IT control frameworks such as SOX,COBIT, COSO, or ITIL
• Proven ability to conduct control walkthroughs, design test procedures, and document testing evidence
• Professional Skills
• High proficiency in Microsoft Excel, Word, and PowerPoint
• Excellent written and verbal communication skills with the ability to present complex technical concepts to diverse audiences

Qualifications

Required

• Bachelor’s degree in information systems, Computer Science, Accounting, Information Security, or related field

Certifications (Preferred or In Progress)

• Certified Information Systems Auditor (CISA)
• Certified Internal Auditor (CIA)
• ISO 27001 Lead Auditor (LA) or Lead Implementer (LI)
• CISSP, CISM, CRISC, or other relevant cybersecurity certifications

Why Join BGIS?

Key Benefits Include:

✔ Spot recognition vouchers and $2,000 employee referral bonus
✔ Access to Flare for retailer, utility and lifestyle discounts
✔ Fitness Passport for you and your family
✔ AFR Best Places to Work 2024 & 2025
✔ Winner – Inspiring Workplaces Award 2025
✔ WORK180 Employer of Choice for Women
✔ WGEA Compliance Certification
✔ 2 paid volunteer days annually
✔ Career mobility and internal progression pathways
✔ Leadership development programs
✔ Health & wellbeing support including EAP

BGIS is committed to fostering an inclusive workplace where diverse perspectives are welcomed and supported.

BGIS is an equal opportunity employer. We strongly encourage applications from women, Aboriginal and Torres Strait Islander peoples, LGBTQIA individuals and people from culturally diverse backgrounds