Avant | Group Risk & Resilience | Sydney, NSW About Avant With over 130 years of heritage, Avant is more than just a medical defence organisation – we're the trusted professional partner for Australia's healthcare community. As a mutual organisation with annual revenues of $445 million and net assets of ~$1.4 billion, we're owned by our members and run purely for their benefit. Our 950 staff are committed to supporting doctors throughout their lives and careers, with over 50% of Australia's doctors choosing Avant as their professional partner. About the role We're seeking an experienced Manager, Operational Resilience (Technology & Cyber) to join our Risk Centre of Excellence. This is a Line 2 risk role that offers the unique opportunity to build technology risk capabilities from the ground up while contributing to our strategic efficiency objectives. This is a permanent role reporting to the Senior Manager - Risk & Compliance in our Group Risk & Resilience division. Key Responsibilities Strategic Risk Leadership • Provide Line 2 oversight and independent challenge of technology and cyber risk practices• Develop and implement technology risk assessment frameworks and methodologies• Build collaborative relationships while maintaining critical independence Technology Resilience Assessment • Review IT disaster recovery capabilities and business continuity planning• Assess cloud security controls and modern infrastructure risks• Evaluate third-party technology vendor risks and security practices Cyber Security Oversight • Monitor the technology threat landscape and emerging cyber risks• Challenge security control effectiveness and vulnerability management• Support CPS 234 compliance and regulatory requirements Risk Intelligence & Reporting • Translate technical risks into business-focused insights• Develop risk metrics, dashboards, and reporting frameworks• Provide strategic advisory on technology risk decisions About you Essential Qualifications & Experience • Bachelor's degree in Information Technology, Computer Science, or related field• 6-10 years' experience with minimum 3 years in Line 2 risk or assurance roles• Strong technical background in IT or cyber security• Deep understanding of the three lines of defence model Highly Valued Certifications • Cyber security: CISSP, CISM, CRISC, or equivalent• Risk management: ISO 27001 Lead Auditor, ANZIIF• Cloud security: AWS, Azure certifications Key Technical Skills • Technology risk assessment and control evaluation• Cyber security frameworks (NIST, ISO 27001, CIS Controls)• Cloud security and modern IT architectures• Disaster recovery and backup technologies• Knowledge of CPS 234 and financial services requirements Personal Attributes • Strong independence and professional scepticism• Ability to provide constructive challenge to technical teams• Excellent communication skills – translating technical risks to business language• Collaborative approach while maintaining Line 2 independence• Ongoing learning mindset for evolving technology landscape Why work at Avant? • Discount of 25% on Private Health Insurance.• We value our people by offering an inclusive workplace with flexible work, career development and internal mobility opportunities.• Our flexible working arrangements are designed to enable genuine work-life balance.• Your development is our priority, and we have a variety of learning and development programs that will support you in your career.• We offer support to our people via Employee Assistance Program (EAP), Health and Wellbeing programs, Tertiary Education Sponsorship and Support.• We have a diverse and connected work environment where your contribution and ideas will be valued and respected and make a real difference to the lives of others.
