[What the role is]
This is a 2-year contract position with the Digital Services & Technology Office.
The incumbent supports the implementation and management of IT governance, risk, and compliance frameworks across NP. The role is responsible for reviewing risk assessments, coordinating system security plans, supporting audit and compliance activities, and ensuring alignment with IM8 and institutional policies. It also oversees data governance processes, including data sharing and classification, and supports the review of emerging technologies (e.g. SaaS and AI) from a governance perspective. The role works closely with stakeholders across the institution to strengthen governance practices, ensure regulatory compliance, and mitigate IT and data risks.
[What you will be working on]
Your responsibilities will include, but are not limited to, the following:
- Support the implementation and continuous improvement of IT governance, risk, and compliance frameworks in alignment with IM8 and NP policies
- Coordinate and review risk assessments (e.g. SaaS, AI adoption) and system security plans (SSPs)
- Facilitate data governance processes, including data classification and data sharing reviews
- Support audit activities (internal and external), including monitoring and tracking compliance status, risks, and remediation actions across systems and departments
- Engage stakeholders to provide guidance on governance requirements and drive adoption of best practices
- Support reporting to management and committees (e.g. risk updates, audit status, governance metrics)
[What we are looking for]
- Experience: Preferably 3–5 years of relevant experience in IT governance, risk management, audit, or compliance-related roles
- Knowledge: Familiarity with IT governance and security frameworks (e.g. IM8, ISO 27001, risk management methodologies) and understanding of data governance principles
- Skills: Strong analytical and problem-solving skills, with the ability to assess risks and interpret policy requirements; good organisational skills to manage multiple governance and audit activities concurrently
- Communication: Effective written and verbal communication skills, with ability to engage stakeholders and articulate governance requirements clearly
- Attributes: Meticulous, detail-oriented, and able to work independently; proactive in identifying issues and driving follow-up actions; able to work collaboratively across teams