Senior Manager Technology Risk

Risk Management is an independent function within CommBank which is accountable for providing approval and acceptance of decisions to ensure the Group remains within its risk appetite.

The Technology and Operations (Tech & Ops) Risk team is responsible for providing specialist Line 2 Operational Risk and Compliance (OR&C) advice, assurance and acceptance/approval of decisions made across the Technology, COO and Supplier Support Units.

Do work that matters:

The Senior Manager Technology Risk BU/SU CIOs will report to an Executive Manager within the CIO Tech OR&C team and work closely with the CIO functions supporting Retail Bank, Business Bank, Institutional Bank and Markets (IB&M), Operations and Corporate Services functions.

This role is pivotal in ensuring that the CIO functions deliver world-class technology support for our customers at speed, while maintaining the highest standard of technology governance and risk management. You will work along top technologists on industry-leading initiatives to modernise the bank’s technology estate, deliver best-in-class security and resiliency solutions and innovate in data and AI.

Key responsibilities for this role includes:

Technical:

• Collaborate with the CIO Leadership team and Line 1 Risk function to embed the Group’s Risk Management Approach and Frameworks into technology strategies, initiatives and decision making.  

• Provide sound risk advice and thought leadership to CIO functions and help uplift Line 1 risk capabilities.

• Provide oversight and monitoring of key technology risks, controls, issues and incidents, risk in change and licensing and obligations, risk acceptance through assurance reviews and data-led BAU monitoring activities.

• Providing input into NFRCs, attestations, incident notifications, risk framework change implementation and other matters as required under CBA’s internal frameworks, policies and governance.

• Evaluate emerging technology risks and their impact on the CIO portfolios including cloud adoption, cybersecurity threats and third-party risks, leveraging SME expertise in the broader Tech and Ops Risk team.

• Assisting the Tech & Ops CRO, General Manager CIO Tech OR&C and BU/SU OR&C teams in ensuring a consistent and pragmatic approach to end-to-end risk management in the business.

Leadership:

• Work as part of a cross-skilled team that can support a range of inter-connected risk domains, speak up and contributing to appropriate Line 2 oversight and challenge.

• Provide ideas for Line 2 risk management and assurance activities, data analytics and stakeholder reporting; contribute to a culture of learning and collaboration.

• Role model behaviours that are consistent with CBA values expectations and leadership principles; provide a safe workplace for all team members, customers and visitors.

• Develop and maintain partnerships with stakeholders; become a trusted advisor using commercial acumen, practical recommendations; and assist the business to understand where prioritised focus on key risks and compliance matters is required.

We’re interested in hearing from people who have:

• Foundational understanding of Technology, Cyber and Cloud concepts, risks and controls.

• Qualification/industry accreditation in technology and technology risk (e.g. degree in IT/Computer Science, CISA, CRISC, CISSP, CISM, AWS certifications)

• Background in Operational Risk and Compliance with technology risk management specialties within the Financial Services industry highly regarded.

• High quality written and verbal communication skills, report writing, evidence gathering and data analysis capabilities.

• Stakeholder and influencing skills with the ability to proactively engage Line 1 teams and engender trust with pragmatic, commercially balanced risk advice.

• A curious and humble mindset, understanding of external trends and changes, interest in continuous learning, to build risk management best practice.

If this sounds like the role for you then we would love to hear from you. Apply today!