Back to all jobs

Compliance Analyst

Positions1 Position
Published At:12 hours ago
Job no: X63FH

About AARNet  

Australia’s Academic and Research Network (AARNet) was established in 1989 and is widely regarded as the founder of the Internet in Australia and renowned as the architect, builder and operator of world-class network infrastructure for research and education.  

As Australia’s National Research and Education Network (NREN). We connect over one million users — researchers, faculty, staff, students, hospitals, vocational training providers, schools and museums — across Australia. 

We are an organisation of innovators, doers, and courageous thinkers. We don’t settle for the status quo; instead, we anticipate the future needs of our customers and build solutions today. If you share our imagination, foresight, and drive to shape the future, why not come and join us? 

https://www.aarnet.edu.au/ 

Role Purpose

The Compliance Analyst is responsible for managing third party risks within AARNet.  

Initially, the role will focus on conducting and managing detailed risk assessments and due diligence for Operational Technology (OT), Information Technology (IT), and network suppliers within AARNet, which also includes maintaining the supplier register, tracking remediation actions, and contributing to process improvements.  

The role will oversee the supplier lifecycle and ongoing risk monitoring, advising business units and ensuring compliance with the relevant AARNet policies and processes, whilst supporting the operationalisation and enhancement of the AARNet Supplier Management Framework.  

Key Accountabilities 

In this role, your main responsibilities are: 

Supplier Due Diligence and Risk Management  

  • Conduct risk assessments of suppliers, including network, IT, and OT platforms, evaluating operational, financial, business continuity, FOCI, and technology lifecycle risks. 
  • Review contracts for risk exposure and develop supplier risk scoring, dashboards, and reports. 
  • Maintain the supplier register, including risk scorings, assessment outcomes and track remediations 
  • Execute and optimise the supplier risk management process, ensuring it is efficient, consistent, and aligned with regulatory and internal requirements. 
  • Maintain documentation and reporting to support governance, audits, and regulatory compliance. 
  • Manage continuous supplier risk monitoring, track Key Risk Indicators (KRIs) and relevant Key Performance Indicators (KPIs), conduct periodic reassessments, and escalate high-risk exposures. 

 

Supplier Lifecycle & Governance 

  • Oversees the end-to-end supplier lifecycle, ensuring critical suppliers are managed in line with the processes 
  • Guide business units on compliance with Suppler Management processes and provide support where needed 
  • Validate supplier criticality, categorisation and risk tiering to support decision making 
  • Track supplier remediation plans, onboarding, renewals, and exit processes.  

 

Collaboration & Process Improvements 

  • Coordinate and work with Business, Technology, Operations, Finance, Legal, and Cyber Security teams on supplier management activities 
  • Support security and technical risk validation where required (security knowledge preferred but not mandatory) 
  • Identify and implement improvements to supplier risk assessment processes, tools, reporting, and governance  
  • Assist in operationalising and enhancing the Supplier Management framework, templates and documentation. 

 

Skills, experience & qualifications 

Qualifications 

  • Bachelor’s degree in Business, Engineering, Telecommunications, IT, Law, or related field 
  • Preferred but not mandatory: 
  • Knowledge of information security principles 
  • Professional certifications in risk management, procurement, or cyber security (e.g. CRMP, CPSM, CIPS, CTPRP, ISO) 

Experience 

  • 3 – 6 years’ experience in supplier, third party, or operational risk management, preferably in technology/IT/Network or related environments 
  • Experience in conducting risk assessments 
  • Experience collaborating with cross-functional teams (Finance, Operations, Technology, Cyber, Legal) 
  • Familiarity with supply chain, procurement and third-party life cycle management 
  • Knowledge or experience with contract management preferred 

 

Skills 

  • Strong operational and analytical skills 
  • High attention to detail and accountability 
  • Governance mindset with ability to enforce compliance 
  • Excellent stakeholder management and influencing skills 
  • Structured documentation and reporting skills 
  • Ability to challenge business units constructively 
  • Ability to influence stakeholders to drive an outcome 
  • Effective communication skills to ensure management are aware of the risks and actions in their areas 

 

  • Published on 30 Mar 2026, 11:47 PM