Security & Technology Risk Manager
EMLEML is a leading Workers Compensation and Personal Injury Claims Management business. Our goal is to help people get their lives back through ongoing support during their return-to-work journey. We continue to experience ongoing growth and now have over 4,000 dedicated employees. We foster a learning culture that allows for us to continually invest in our employees ensuring a long-term career here at EML.
THE OPPORTUNITY
As part of our diverse team based in Sydney, you will help make a positive impact on someone’s life every day. You will feel great satisfaction knowing your talent and hard work has a purpose.
As a Security & Technology Risk Manager, you will lead the identification, assessment and management of technology and cyber security risks across EML. You will ensure risks are proactively managed in line with our ISO 27001 Information Security Management System and defence-in-depth security framework.
You will work closely with the Cyber & Information Security Manager to strengthen and continuously improve the ISMS, ensuring alignment with security standards, regulatory obligations and client expectations. You will partner various stakeholders to embed risk awareness into projects, operations and change initiatives, balancing commercial outcomes with strong security governance.
This will be a full time, permanent position based in our Sydney office, with work-from-home flexibility (up to 3 days per week).
YOUR RESPONSIBILITIES
- Own and maintain the Technology Policy Library, ensuring policies are current, compliant and audit ready.
- Conduct third party / supplier risk reviews to provide business owners with potential exposure of using their services
- Lead the review, drafting and update of security and technology policies and procedures, driving timely sign-off with key stakeholders.
- Embed ISO 27001 and defence-in-depth principles across projects and operational initiatives.
- Shape and deliver EML’s security and technology risk strategy, including KPIs, KRIs and control effectiveness.
- Oversee audit, assurance and compliance activities, ensuring issues are remediated and uplift is continuous.
- Provide pragmatic, commercially minded security advice that protects customers without slowing the business down.
ABOUT YOU
- Full Australian working rights without restriction.
- 5+ years’ experience in a security and technology risk role within a large complex organisation, with strong regulatory and compliance exposure.
- Demonstrated experience working with technology teams and operating within an ISO 27001-aligned ISMS environment.
- Proven experience assessing compliance with policies, standards and controls, and supporting internal and external audits.
- Strong knowledge of ISO 27001, APRA CPS 234, ACSC Essential Eight and broader security best practice.
WHAT WE OFFER
We stand together as equals. EML is an equal opportunity employer so by coming to work for us, you will be part of a culture that celebrates diversity and inclusion. We are committed to maintaining a workplace where everyone feels valued and where we show respect, integrity and honesty.
EML provides career opportunities and great employee benefits, including:
A diverse and collaborative team culture like no other
Flexibility to work from home to support work/life balance
A corporate wellbeing program with discounted health insurance and gym membership
Generous discounts from over 350 retailers through our RewardsHub program
Comprehensive learning and development opportunities to help you reach your full potential
Access to support and counselling services with work or personal matters, through our Employee Assistance Program
Companywide events to stay connected and celebrate success
Entitlement to annual company incentive scheme + salary reviews
Up to 16 weeks paid parental leave, plus super
We value our people and are committed to supporting our employees by investing in their professional development and providing generous employee benefits. If this position is of interest to you, please apply now.