When you join ASX, you’re joining a company with a strong purpose – to power a stronger economic future by enabling a fair and dynamic marketplace for all.
In your new role, you’ll be part of a leading global securities exchange with a strong brand. We are known for being a trusted market operator and an exciting data hub.
Want to know why we are a great place to work, click on the link to learn more.
www.asx.com.au/about/careers/a-great-place-to-work
We are more than a securities exchange!The ASX team brings together talented people from a diverse range of disciplines.
We run critical market infrastructure, with 1 in 3 people employed within technology. Yet we have a unique complexity of roles across a range of disciplines such as operations, program delivery, financial products, investor engagement, risk and compliance.
We’re proud to foster a workplace where diversity is celebrated and inclusion is part of our everyday culture. Our employee-led networks champion LGBTIQ+ inclusion, promote gender equality, accessibility and wellbeing, inspire giving and volunteering, and celebrate cultural and religious events, creating a sense of belonging for all. As an AWEI Bronze employer and member of the Champions of Change Coalition for gender equality, we’re committed to a fair and inclusive workplace where everyone can thrive.
Your Team
The Technology Risk, Business Management & Strategy function supports the ASX Technology division across technology risk, governance, planning and operating‑rhythm activities. The function enables Technology leaders to manage risk, meet regulatory and assurance expectations, and maintain effective governance and performance disciplines.
Your responsibilities
Own and operate the Line 1 control assurance capability for the ASX Technology division, defining a scalable, risk-based approach and managing its implementation across the division.
Apply and embed enterprise control assurance and testing approaches within Technology, ensuring they are implemented in a practical, consistent and fit-for-purpose manner.
Interpret and pragmatically adapt enterprise methodologies where required, ensuring approaches remain effective for complex technology environments while maintaining alignment to enterprise expectations.
Drive a scalable assurance model by identifying how coverage can be prioritised, rationalised and delivered efficiently as the control environment evolves.
Lead execution of assurance activities, ensuring outputs are high-quality, consistent and provide a clear, defensible view of control effectiveness.
Partner with Technology SMEs and framework owners (e.g. Cyber, Architecture, IT Service Management) and Technology Risk colleagues to inform and challenge what good looks like for control design, testing and evidence in practice, including for key frameworks such as IT General Controls.
Translate assurance outcomes into meaningful insights, themes and trends, tailoring outputs for a range of audiences to clearly articulate control effectiveness, areas of risk, and progress in risk maturity and culture.
Drive continuous improvement of assurance through simplification, standardisation, and increased use of data, tooling and automation to improve efficiency, coverage and repeatability over time.
Act as a key feedback loop across internal and external assurance stakeholders (including Internal Audit, Enterprise Risk & Compliance, Risk Transformation, other Line 1 risk teams and external partners), providing practical insights on execution, challenges and opportunities to refine approaches within Technology and across the broader organisation.
Your experience and qualifications
Must have
Strong experience in technology control assurance, IT General Controls testing or similar, with a practical understanding of how controls are designed, implemented, operated, tested and evidenced in real-world technology environments.
Demonstrated ability to take ownership of assurance delivery, including defining scope, planning and executing testing activities in environments where approaches are still evolving.
Practical understanding of how to scale assurance in complex environments, including making trade-offs on coverage, prioritisation and approach as the control environment and expectations change.
Ability to apply and interpret control assurance or testing methodologies and implement them in a way that is pragmatic and fit-for-purpose for technology environments.
Strong stakeholder engagement capability, including working directly with technology teams and collaborating with risk, business, audit and compliance stakeholders.
Ability to translate assurance outcomes into clear, structured insights, including identifying themes and communicating effectively to a range of audiences.
Demonstrated problem-solving and critical thinking capability, including the ability to challenge existing approaches and identify more efficient or scalable ways of delivering assurance.
Experience improving or evolving assurance practices, including simplifying approaches or introducing more scalable delivery methods (e.g. standardisation, tooling or automation).
Nice to have
Experience operating in regulated or high-reliability environments, where technology risk expectations are elevated.
Exposure to environments with complex control landscapes, including scaling assurance coverage and prioritisation.
Experience working across multiple lines of defence, with an understanding of how assurance activities are coordinated and leveraged across Line 1, Line 2 and Internal Audit.
Familiarity with recognised technology and risk frameworks (e.g. ITGC, NIST, COBIT, ITIL, COSO), and how they are applied in practice.
Experience contributing to or supporting assurance or risk transformation initiatives, including embedding new methodologies or ways of working.
Exposure to data-driven or automated assurance approaches, including use of AI, system-generated evidence, tooling or analytics.
Relevant risk or technology certifications (e.g. CISA, CISSP) or equivalent practical experience.
We make hiring decisions based on your skills, capabilities and experience, and how you’ll help us to live our values. We encourage you to apply even if you don’t meet all the criteria of this role.
If you need any adjustments during the application or interview process to help you present your best self, please let us know at [email protected].
At ASX Group, our diverse workforce is essential to build and maintain a fair and dynamic marketplace. We support flexible working and offer hybrid working options. Even if our roles are advertised as full-time, we encourage you to apply if you are interested in part-time or other flexible working arrangements.
We will arrange for successful candidates to have background checks, including reference and police checks, completed as part of the on-boarding process.
To be considered for this position, candidates must be legally authorised to work in Australia on a permanent basis without any restrictions.
Skills Required
- Strong experience in technology control assurance or IT General Controls testing
- Proven ability to own assurance delivery: scope, plan and execute testing activities
- Practical experience scaling assurance in complex technology environments
- Ability to apply and interpret control assurance/testing methodologies pragmatically
- Strong stakeholder engagement with technology, risk, audit and compliance teams
- Ability to translate assurance outcomes into clear insights and themes for varied audiences
- Demonstrated problem-solving and critical thinking to improve assurance approaches
- Experience improving or evolving assurance practices, including standardisation, tooling or automation
- Experience operating in regulated or high-reliability environments
- Experience across multiple lines of defence and coordinating assurance activities
- Familiarity with technology/risk frameworks (e.g. ITGC, NIST, COBIT, ITIL, COSO)
- Exposure to data-driven or automated assurance approaches (tooling, analytics, AI)
- Relevant risk or technology certifications (e.g. CISA, CISSP) or equivalent practical experience
What We Do
ASX is one of the world’s top ten exchanges. As a full-service exchange, we offer trading, clearing, settlement, market insights, connectivity, and depository services across all major asset classes including equities, derivatives, ETFs, options, and managed funds. With a total market capitalisation of around $1.5 trillion, ASX is home to some of the world’s leading resource, finance, and technology companies. Our $47 trillion interest rate derivatives market is the largest in Asia and among the biggest in the world. ASX’s network and data centre (The Australian Liquidity Centre) provides a world class financial infrastructure and access to Australia’s largest pools of liquidity.








