Governance & Enterprise Risk Manager

Role Overview

The Governance & Enterprise Risk Manager leads the GRC team’s delivery of key risk governance materials for management and Board forums and plays a key role in ensuring enterprise-wide adoption and implementation of the Risk Profiling Standard. They set the strategic direction for the GRC System that underpins all risk and compliance workflows, serve as the key relationship point for nominated Group Executives, own emerging risk analysis and assist with the execution of the fraud risk strategy.


Key Accountabilities

Key accountabilities may vary as business needs constantly evolve, but generally will include:

  • Oversight of final delivery of key governance materials, for forums including:
    • Monthly Risk & Compliance Committee
    • Monthly Board, through Risk & Compliance contribution to CEO report
    • Bi-monthly Audit & Risk Committee
  • Assist first-line risk resources to implement the Risk Profiling Standard through ongoing support and engagement. Lead the development of fit-for-purpose training content (e.g. QRGs, standard operating procedures, videos) to support first-line teams
  • Ensure alignment of BU risk profiles across the enterprise through regular review and challenge of BU risks, controls, risk ratings, risk treatments and KRIs
  • Lead ongoing program of work to elevate risk awareness through educational sessions and coordinate regular risk awareness surveys to assess progress
  • Lead development and periodic re-evaluation of emerging risk analysis, extending this to consider relevant deep-dive reviews as deemed appropriate
  • Assist with annual (and ad-hoc) Risk Appetite Statement review and update, in consultation with key stakeholders across the enterprise
  • Serve as GRC relationship lead for one or more Group Executives, supporting relevant projects/initiatives/M&As in a second line capacity within assigned business unit(s)
  • Manage relationship with managed services partner(s) and Workplace Technology system owners to maintain and enhance the GRC System, driving improvements to system usage and adoption. Oversee key risk management processes through the GRC System, including incident management, action management, control documentation and attestation
  • Assist with execution of PEXA’s fraud risk strategy, working with first-line risk resources to periodically review PEXA’s fraud risks and independently assessing the appropriateness and adequacy of the key controls that manage those risks
  • Guide other team members and internal stakeholders in the development of their governance, risk and compliance skillsets
  • Provide challenge to encourage consideration of alternative viewpoints and incorporate feedback/challenge from others in deliverables.

Knowledge & Skills

  • Demonstrated ability to lead engagements with external parties and manage internal resources to achieve key deliverables
  • Ability to deliver multiple initiatives/projects simultaneously and autonomously with a sense of urgency
  • Demonstrated ability to challenge the status quo and accepted thinking
  • Ability to partner with the business to strike an appropriate balance between agility and governance
  • Polished written and oral communicator across management and executive levels of the organisation, while remaining relatable and engaging for all staff in an agile organisation

Key behavioural skills:

  • Initiative in making decisions and developing strategies to complete complex deliverables
  • Managing engagements with internal and external stakeholders
  • Guiding and developing the relevant skills of junior team members and other stakeholders
  • Co-operation with team members
  • Developing strong relationships with internal and external stakeholders
  • Readily taking on feedback and seeking self-improvement
  • Assisting outside normal duties when needed
  • Constantly adapting to change

Quality of Work

  • Attention to detail
  • Strong written/verbal communication skills
  • Ability and expertise in getting things done
  • Open to challenge
  • Continues to 'get on with it' despite change and uncertainty

Experience & Qualifications

  • Experienced in the application of risk management, compliance and internal audit frameworks (preferably 7+ years)
  • Tertiary qualifications in a relevant field
  • Understanding of the business, regulatory and strategic context for an Electronic Lodgement Network Operator in the Australian and global market
  • Proficiency in the use of GRC systems (preferably ServiceNow)
  • Strong proficiency in the MS Office Suite and process mapping software (preferably Signavio)
  • Appropriate post-graduate qualifications and/or industry accreditation/certification
