Ready to leave a lasting impact on Australia’s health industry?
Join HAMBS, a leading provider of software and information technology solutions to the private health insurance sector for over 30 years. Our dedicated team spans across Adelaide and Sydney, collaborating with over 60% of Australia’s private health funds, empowering them to deliver innovative and competitive services to their valued members. At HAMBS, “work” is a vibrant experience. Our culture is driven by values that define us as United, Good Humans, Brave, and Awesome.
For more information about HAMBS and to explore our current career opportunities, visit: https://jobs.swagapp.com/organisations/hamb-systems
About the Role
We are seeking a Risk and Compliance Manager to join our Adelaide team. In this role, you will support the development and ongoing improvement of HAMBS’ risk and compliance frameworks, working closely with leaders across the organisation to strengthen a proactive and accountable compliance culture.
You will provide guidance and specialist advice to ensure compliance obligations are identified, assessed, managed, and reported across the business. The role also supports key areas including privacy, regulatory compliance, cyber risk, and business continuity.
Responsibilities:
- Assist with developing, maintaining and continuously improving the risk management framework (RMF) and associated policies and procedures.
- Provide specialist risk advice and support to the business in identifying and assessing risks and in designing, documenting, and implementing treatment plans and controls.
- Monitor emerging trends and risks that may impact the company’s risk profile, along with relevant economic, industry, legislative and regulatory developments; assess the potential impact and recommend approaches to managing these risks and developments.
- Maintain and coordinate HAMBS’ third-party risk management procedures and practices, including liaising with external consultants, maintaining registers and forward schedules, and monitoring and reporting on the progress and outcomes of assessments and the steps taken to address findings.
- Assist with the design, implementation and maturity of a fit-for-purpose enterprise compliance framework to meet HAMBS compliance obligations.
- Provide specialist advice and support to business leaders to ensure compliance obligations are identified, assessed, managed and monitored. Assist business leaders in understanding their compliance obligations and controls and provide support in assessing compliance risk.
- Keep abreast of legislative and regulatory developments, assessing the impact on business and operational activities, and provide advice and recommendations to senior management.
- Oversee and coordinate HAMBS assurance and controls testing programs including incident response plan testing (such as data breach response plan, cyber security incident response plan, business continuity plan and disaster recovery plan).
- Work with the CRO to plan and coordinate independent assurance engagements (such as ISAE SOC 1, ASAE 3150) used to provide our customers with the necessary assurance about the design and operating effectiveness of our controls to fulfil their third-party risk management and regulatory obligations (e.g. CPS 234 Information Security).
- Coordinate and facilitate the business impact analysis (BIA) process.
- Provide specialist advice and support, and assist the business with the design, implementation and validation of the business continuity and IT disaster recovery plans.
- Develop and implement ongoing training and development plans for staff.
Qualifications:
- Tertiary qualifications in business, commerce or similar
- Member of a recognised Risk & Compliance Body (desirable).
- Extensive knowledge of risk and compliance management frameworks (including ISO 31000 and ISO 19600)
- Proven experience across risk (ideally line 2) and compliance with a strong understanding of operational, information security, and business continuity risks.
- Good working knowledge of the Australian Privacy Principles and the Notifiable Data Breaches scheme
- Good working knowledge of the regulatory obligations surrounding the private health insurance industry (desirable)
- Experience across internal audit and internal controls testing with a focus on information security controls (desirable)
- Highly developed analytical and consultancy skills with demonstrated ability to engage senior stakeholders
- Strong ability to influence and develop and maintain high quality interpersonal relationships with stakeholders at all levels
- Most importantly, you are Awesome, Brave, and a Good Human!
Employee Benefits
- Flexible working options, both onsite and remote.
- Paid volunteer and wellbeing leave, with the option to purchase additional leave.
- Salary sacrificing and novated lease options.
- Access to an online learning system and world-class internal and external training sessions.
- Internal employee referral program.
As part of the recruitment process, candidates will need to complete satisfactory verification checks, including but not limited to a National Police Clearance Certificate, appropriate rights to work in Australia, and reference checks.
Our HR team and hiring managers kindly request no unsolicited resumes or approaches from recruitment agencies.