Senior Cyber GRC Specialist

About Ampol

Powering better journeys, today and tomorrow.  

Our company has always been about more than fuel. Fuel may be the foundation of our business, but our motivation and purpose comes from the people, businesses, industries and communities we engage with.  From our origins until today, we’ve always been inspired by the role we can play in people’s lives – to keep them moving, to make journeys happen. Here at Ampol, we are proud of our heritage as Australia’s only owned fuel brand.    

For over 100 years we have supported Australians to travel far and wide, and we’ll be here for 100 more powering better journeys for today and tomorrow.  

Tech, Digital & Data @ Ampol  

As we embark on our digital transformation, we are committed to making Ampol easier to work with and within, enhancing every interaction through innovative solutions. 

Our approach is anchored in data-driven decision-making and advanced technology integration, allowing us to create seamless and personalized customer experiences that truly resonate. By prioritizing value-based decisions and outcomes, we ensure that our digital transformation will drive meaningful impact and measurable outcomes. 

We are dedicated to empowering our business through technology-enabled differentiation, strengthening our foundations to build sustainable value for the future. Our team thrives on the challenge of innovation—dreaming up big ideas, questioning the norm, and tackling complex problems. Together, we are shaping a future that not only meets the needs of today but anticipates the demands of tomorrow. 

Join us as we embrace this journey of transformation, committed to delivering exceptional value and experiences that make a lasting impact on our business, customers and industry.  

About The Role:

 
The Cyber, Risk & Governance teams' purpose is to protect Ampol Group’s reputation and social license to operate by enhancing our cyber resilience. We support Ampol Group in achieving its business goals by managing cyber and IT risks effectively and pragmatically and by adopting a proactive approach. We enable business value rather than being a barrier. Through early detection and response to cyber events, we mitigate risks and deliver business value in the face of ever-changing technologies and strategic opportunities. Additionally, we build trust in Ampol with our customers through the delivery of more secure solutions. 
 
As a Senior GRC Analyst, you’ll be supporting the cyber security governance, risk and compliance processes across Ampol, including IT suppliers, outsourced providers, and internal IT environments. Assessing, aligning, and testing security controls to meet regulatory obligations and industry best practices. 

You’Ll Take Us Further By:

• Translating strategy into action: Takes strategic direction and executes daily tasks like policy updates, risk assessments, and compliance checks. 
• Managing workflows: Owns and progresses GRC tasks such as control testing, risk reviews, third-party assessments, and audit preparation. 
• Conducts assessments: Leads or assists with cyber risk assessments, control gap analyses, and audits 
• Maintains registers and dashboards: Keeps risk registers, control libraries, and compliance tracking tools up to date to inform reporting and oversight. 
• Prepares reports and presentations: Gathers data and drafts reports for management and governance forums, giving visibility into risk posture and compliance status. 
• Tracks KPIs and KRIs: Monitors performance and risk indicators, escalating deviations to the management with context and suggested actions. 
• Cross-Functional Liaison: Develop strong and collaborative relationships with stakeholders across the Ampol Group including business partners, technology managers within the Technology, Digital & Data (TDD) function, and broader teams across the organization. 
• Identifies improvement opportunities: Spots inefficiencies or emerging risks in the current GRC framework and proposes practical solutions 
• Implements enhancements: Once approved, executes process or control improvements with minimal supervision. 
• Team Support: Support Cyber GRC team members to foster a culture of excellence, and knowledge sharing 

We’d love it if you have:  

• A sound knowledge of industry environments, architecture, technologies, and IT services with a strong cyber risk management expertise in identifying, assessing and evaluating cyber and information risks in the technology landscape. 
• Great stakeholder management, with the ability to create consensus amongst key stakeholders with different views to establish a shared approach within Ampol 
• Strong planning, prioritisation, organisational skills and the capacity to be flexible in balancing priorities to meet/exceed customer needs. 
• Demonstrated expertise and experience in industry regulations (e.g., Critical Infrastructure Act 2018, Privacy Act 1988), industry standards (e.g., PCI DSS), and risk and control frameworks (e.g., NIST CSF, ISO 27001). 
• Sound general IT experience (application and infrastructure) including knowledge of IT development, operational and change management processes and methodologies. 
• Proven expertise in the use of project management methodologies to assist teams in meeting deadlines and agreed outcomes. 
• Demonstrated analytical, problem solving and decision-making abilities to identify, analyse, and resolve technology challenges in response to business and IT requirements   

We’Ll Take You Further By:

• Our total remuneration is competitive. This is across base salary, a performance incentive, employee share offers and a 25% discount on Fuel for two privately used cars! 
• We are flexible.  Many of our teams have embraced hybrid work, balancing time spent remote working, with time spent at an office to connect and work together where it adds value. 
• We value recognition.  We have an internal recognition platform amplifying the achievements of those who do great work and demonstrate our capabilities and values. 
• Career development and learning opportunities including LinkedIn Learning and other tailored training solutions. 
• BabyCare Package - financial and flexible support for parents transitioning back to work. 
• Need some wheels? Novated Lease options are available. 
• Invest in your future with the Employee Share Scheme 
• Access to Ampol's Benefits & Recognition platform providing you access to retail discounts and cashbacks at over 500+ retailers in Australia that assist with everyday living expenses 
• Care for your Community. Spend one paid day a year volunteering with one of our Ampol Foundation partners.   

We’re an equal opportunity workplace. We not only embrace diversity and inclusion; we celebrate what makes you unique. We welcome applications from people of all ages, cultural backgrounds, and diverse sexualities and genders (including if you identify as transgender). We also highly encourage Aboriginal and Torres Strait Islander peoples to apply for roles with Ampol.