Job Specifications
At First Quantum, we free the talent of our people by taking a very different approach which is underpinned by a very different, very definite culture – the “First Quantum Way”.
Working with us is not like working anywhere else, which is why we recruit people who will take a bolder, smarter approach to spot opportunities, solve problems and deliver results.
Our culture is all about encouraging you to think independently and to challenge convention to deliver the best result. That’s how we continue to achieve extraordinary things in extraordinary locations.
Job Description
Company Description:
First Quantum Minerals is a leading Canadian-based global mining & metals company focused on the production of copper, nickel, gold & cobalt. As a company, we strive for continuous excellence and after 25 years of operations we are now one of the world’s top 10 copper producers, exporting millions of tonnes of concentrate from multiple countries to customers worldwide. Our operations and future developments span across Africa, Europe, the Middle East, Australia and the Americas, and we are globally recognised for our specialist technical, engineering, construction and operational skills, which allow us to unlock value from complex mineral projects and deliver rewarding careers for our people, returns for our shareholders and sustainable development for the many local communities that host our operations. As we expand our operations, continue to provide metals to build the modern world and shift to a low carbon, greener economy in the years ahead, our mining projects will continue to require the best and the brightest talent to help us solve the emerging challenges of our time, shape our business and unlock opportunities for our future.
Job Description
Although our production and financial results are the engine that drives our business, it is the depth of capability in our people that will continue to determine First Quantum’s ongoing success. Reporting to the Head of Group IT Security, the Technology Risk Lead is responsible for managing all aspects of Technology Risk across the company, ensuring robust governance, compliance, and resilience in alignment with Group Information Security objectives. This role will define and oversee the Technology Risk and Security Controls frameworks, enabling proactive identification, assessment, and mitigation of risks across IT, OT, and digital platforms.
Acting as a trusted advisor, the Risk Lead will partner with business units, technology teams, and senior leadership to embed risk management practices into operational and strategic decision-making. The Risk Lead will also work with the wider Security and Digital Technology teams to identify, propose and create applicable new service offerings to reduce risk across the First Quantum landscape.
Key Responsibilities
Risk Governance & Framework
Develop and maintain the Group IT Technology Risk Management Framework, aligned with FQM Group standards and regulatory requirements.
Establish policies, procedures, and controls for effective risk management across technology domains.
Risk Identification & Assessment
Lead enterprise-wide risk assessments, threat modelling, and scenario planning exercises.
Maintain and oversee risk registers, ensuring timely updates and accurate reporting.
Compliance & Regulatory Alignment
Ensure adherence to relevant cybersecurity and technology risk regulations across all jurisdictions where the organisation operates.
Support audits and regulatory inspections, providing evidence of compliance and remediation plans.
Reporting & Assurance
Deliver regular risk posture reports to the Group Head of Information Security and executive leadership.
Provide assurance on risk mitigation strategies and residual risk levels.
Stakeholder Engagement
Collaborate with IT, OT, Legal, Compliance, and Operational teams to integrate Technology risk management into business processes.
Act as the primary point of contact for technology risk matters with internal and external stakeholders.
Security Awareness
Own and drive Security Awareness across the enterprise, ensuring a culture of security-conscious behaviour.
Design and deliver awareness campaigns tailored to different roles, business units, geographies and threats.
Manage simulated phishing exercises and report on outcomes to improve resilience.
Provide regular reporting on awareness program effectiveness and compliance metrics.
Incident & Crisis Management
Support incident response and recovery planning from a risk perspective, ensuring lessons learned are embedded into future controls.
Continuous Improvement
Monitor emerging risks, industry trends, and regulatory changes to keep the risk framework current and effective.
Generic
Contribute to the IT security roadmap and planning thereof.
Deliver capabilities aligned to First Quantum’s Information Security Standards.
Support the development of security maturity across the organisation.
Qualificatio
About the Company
First Quantum Minerals Ltd. is a global mining company producing copper and nickel, as well as gold and cobalt. Our growing portfolio of operations and projects spans four continents and employs around 20,000 people. We are well-known for our ‘can do’ attitude and specialist technical, project management, engineering, construction and operational skills, which allow us to develop and successfully run complex mines and minerals processing plants. We strive to go beyond the goals set by other companies. After 25 years of opera...
Know more