Cyber Governance Risk Compliance Analyst

About Ampol    

Powering better journeys, today and tomorrow.  

Our company has always been about more than fuel. Fuel may be the foundation of our business, but our motivation and purpose comes from the people, businesses, industries and communities we engage with.  From our origins until today, we’ve always been inspired by the role we can play in people’s lives – to keep them moving, to make journeys happen. Here at Ampol, we are proud of our heritage as Australia’s only owned fuel brand.    

For over 100 years we have supported Australians to travel far and wide, and we’ll be here for 100 more powering better journeys for today and tomorrow.  

Tech, Digital & Data @ Ampol  

As we embark on our digital transformation, we are committed to making Ampol easier to work with and within, enhancing every interaction through innovative solutions. 

Our approach is anchored in data-driven decision-making and advanced technology integration, allowing us to create seamless and personalized customer experiences that truly resonate. By prioritizing value-based decisions and outcomes, we ensure that our digital transformation will drive meaningful impact and measurable outcomes. 

We are dedicated to empowering our business through technology-enabled differentiation, strengthening our foundations to build sustainable value for the future. Our team thrives on the challenge of innovation—dreaming up big ideas, questioning the norm, and tackling complex problems. Together, we are shaping a future that not only meets the needs of today but anticipates the demands of tomorrow. 

Join us as we embrace this journey of transformation, committed to delivering exceptional value and experiences that make a lasting impact on our business, customers and industry.  

About the role: 

The Cyber, Risk & Governance teams' purpose is to protect Ampol Group’s reputation and social license to operate by enhancing our cyber resilience. We support Ampol Group in achieving its business goals by managing cyber and IT risks effectively and pragmatically and by adopting a proactive approach. We enable business value rather than being a barrier. Through early detection and response to cyber events, we mitigate risks and deliver business value in the face of ever-changing technologies and strategic opportunities. Additionally, we build trust in Ampol with our customers through the delivery of more secure solutions. 

As a GRC Analyst, you’ll be supporting the cyber security governance, risk and compliance processes across Ampol, including IT suppliers, outsourced providers, and internal IT environments. Assessing, aligning, and testing security controls to meet regulatory obligations and industry best practices. 

This role is a 12 Month Fixed Term Contract 

You’ll take us further by: 

• Developing and updating the current cyber security policy and standards 
• Conducting cyber risk assessments, reviewing standards and policies, performing compliance audits, and preparing detailed risk and compliance reports 
• Support Risk Mitigation and remediation efforts 
• Developing compliance metrics and reporting 

We’d love it if you have:  

• A sound knowledge of industry environments, architecture, technologies, and IT services with a strong cyber risk management expertise in identifying, assessing and evaluating cyber and information risks in technology landscape. 
• Good stakeholder engagement skill, with the ability to create consensus amongst key stakeholders with different views to establish a shared approach within Ampol 
• Strong planning, prioritisation, organisational skills and the capacity to be flexible in balancing priorities to meet/exceed customer needs. 
• Proven expertise in governance, risk and compliance either internally or from a consulting or assurance professional service firm. 
• Demonstrated expertise and experience in industry regulations (e.g., Critical Infrastructure Act 2018, Privacy Act 1988), industry standards (e.g., PCI DSS), and risk and control frameworks (e.g., NIST CSF, ISO 27001). 
• Sound general IT experience (application and infrastructure) including systemic knowledge of IT development, operational and change management processes and methodologies. 
• Proven expertise in the use of project management methodologies to assist teams in meeting deadlines and agreed outcomes. 
   
   

We’ll take you further by: 

• Our total remuneration is competitive. This is across base salary, a performance incentive, employee share offers and a 25% discount on Fuel for two privately used cars! 
• We are flexible.  Many of our teams have embraced hybrid work, balancing time spent remote working, with time spent at an office to connect and work together where it adds value. 
• We value recognition.  We have an internal recognition platform amplifying the achievements of those who do great work and demonstrate our capabilities and values. 
• Career development and learning opportunities including LinkedIn Learning and other tailored training solutions. 
• BabyCare Package - financial and flexible support for parents transitioning back to work. 
• Need some wheels? Novated Lease options are available. 
• Invest in your future with the Employee Share Scheme 
• Access to Ampol's Benefits & Recognition platform providing you access to retail discounts and cashbacks at over 500+ retailers in Australia that assist with everyday living expenses 
• Care for your Community. Spend one paid day a year volunteering with one of our Ampol Foundation partners.   

We’re an equal opportunity workplace. We not only embrace diversity and inclusion; we celebrate what makes you unique. We welcome applications from people of all ages, cultural backgrounds, and diverse sexualities and genders (including if you identify as transgender). We also highly encourage Aboriginal and Torres Strait Islander peoples to apply for roles with Ampol.