Group IT Governance Risk & Compliance Lead

Coca-Cola Amatil

  • Experienced in information security standards e.g. NIST, ISO and ISM, rules and regulations related to information security and data confidentiality
  • IT Risk Management across the Group
  • Represent the Group Information Security Office during IT planning initiatives and security program execution across the Group
  • Work across Australia Beverages, New Zealand, Indonesia, Papua New Guinea (PNG), Fiji and Samoa

Work with the Group CIO, Group IT Leadership Team and Business Management to balance real-world risks with business drivers.


At Coca-Cola Amatil, you always know you’re part of something special and iconic. We are international in presence but local at heart. We are the faces that make our nations’ favourite beverages and food brands a reality. Firmly invested in our local economies and the communities we love, our focus is on building portfolios defined by relevance and choice.

In all that we do, our passion for individual businesses and the pride of being part of the greater Amatil story shines through. It fuels our pursuit of a shared vision: to create millions of moments of happiness and possibilities every day. With world-class sales and manufacturing capabilities, unrivalled relationships, reach and execution, we are the power behind the region’s favourite brands.


The Group Information Technology (GIT) is responsible for shaping, safeguarding and servicing the Group IT strategy across Coca-Cola Amatil.

The role of the Group IT function is to:

1) Drive the implementation of the group-wide Amatil strategy and IT portfolio

2) Protect the Amatil group from threats and risks by maintaining effective controls

3) Drive synergies of skill and scale to leverage and share best practice across the Amatil group

4) Drive synergies in functionality and share software solutions across the Amatil group


The Governance, Security and Architecture Team is critical in safeguarding the security of Coca-Cola Amatil’s business. The team works seamlessly across Group IT and the wider business to ensure that potential threats and vulnerabilities are constantly assessed and the most up-to-date security requirements are implemented to ensure continuity of performance across our Group business. We are making significant progress in this field, with recent achievements including PCI Level 1 Full compliance across our Australian business.


The Group Governance Risk and Compliance (GRC) Lead for Information Security is a critical member of the Governance, Security and Architecture General Manager’s (GM) team. The Group GRC Lead role, which is a mid-level managerial position, is to act as an interface between the GM’s strategic and process-based activities and the work of the technology-focused team members, managers and administrators in the business and IT teams. The Group role includes management of information security across Australia Beverages, New Zealand, Indonesia, Papua New Guinea (PNG), Fiji and Samoa, supported by regional information security and IT resources.


  • The Group GRC Lead role is a leadership role that requires an individual with an ability to work with the IT organisation and business management to align priorities and plans with key business objectives
  • This role requires strong verbal and written communication skills and the ability to effectively share concise messages for complex technical problems
  • This role demands adequate knowledge of information security standards e.g. NIST, ISO and ISM, and of the rules and regulations related to information security and data confidentiality that apply to the consumer goods industry
  • The Group GRC Lead will act as an empowered representative of the information security office during IT planning initiatives to ensure that security measures are incorporated into strategic IT plans and that service expectations are clearly defined
  • The Lead will also be responsible for working with business and IT stakeholders to balance real-world risks with business drivers such as speed, agility, flexibility and performance, and so must have the ability to interact with Coca-Cola Amatil’s personnel, build strong relationships at all levels and across all business units and organisations, and understand business imperatives
  • In addition to supporting the GM Governance, Security and Architecture to develop, implement and manage policies and strategies, the Lead must be able to prioritise work efforts — balancing operational tasks with longer-term strategic security efforts.
  • Other project management tasks will include resource balancing across multiple group-wide IT and security teams, task prioritisation and project reporting
  • The Group GRC Lead is responsible for working with highly technical staff, business stakeholders and leadership on a regular basis and must, therefore, have proven leadership skills
  • The Lead must also have a strong understanding of the business impact of security tools, technologies and policies. In addition, the Lead must demonstrate experience of working with legal, audit and compliance staff
  • Documentation and presentation skills and the ability to identify needs and take initiative are key requirements of this position
  • The Lead must have strong organisational skills and must be a self-motivated, detail-oriented, dedicated, and well-organised security professional able to work and make decisions in a high-performing environment
  • At Amatil we value people who are straightforward and open; we take initiative and own the outcome, and we focus on today and tomorrow. These values are the basis of how we do business and are the foundation of our culture.
  • If you want to be rewarded and recognised for your contribution, please submit your CV. Applications close 12th April 2020.
  • Coca-Cola Amatil is committed to equal employment opportunity for all employees and to providing employees with a safe work environment free of discrimination and harassment.