Expression of Interest – Cyber Security, Risk and Control Enablement

Job Description

  • Join a culture of passionate professionals

  • Enjoy working with cutting edge technology

  • Multiple Opportunities

See yourself in our team:

Cyber security is paramount to us at Commbank, being responsible for world leading application of technology and operations across every aspect of CommBank, from protecting product platforms for our customers to essential tools within our business.

As part of our Risk and Control and Enablement team, you will work in partnership with the business to deliver safe, sound and secure risk outcomes with:

  • Risk management framework and tools
  • Risk expertise and coaching
  • Controls that are efficient, effective, sustainable and automated
  • A greater preventative focus rather than detective
  • Risk processes that are simple to understand and apply.

Do work that matters:

We are on the lookout for cyber professionals accountable for the strengthening, embedding and ongoing improvement of the risk and control environment across Cyber Security and Technology Services.

In this role you’ll assist execution of strategic initiatives within the Technology Controls Office to improve team effectiveness and performance, help drive capability uplift activity and embed a strong and proactive risk culture. You will act as a trusted advisor to executive management within the Cyber Security team, regarding strategic planning, emerging risks and risk maturity as it aligns to the financial services sector and play a key role in ensuring risk behaviours.

Key responsibilities for this role includes:

You will be expected to perform the following tasks in a manner consistent with CBA’s Values and People Capabilities:

  • Provide operational and compliance risk advice to Cyber Security on the design of controls.
  • Trusted advisor to the Cyber Security functions on the management of existing and emerging Cyber risks via proper design and implementation of Cyber controls
  • Manage root cause analysis of issues and incidents, identifying and implementing control improvements
  • Responsible for data quality in/maintain various databases (including RiskInSite) and monthly management reporting
  • Responsible for ensuring risks are profiled and captured in the Risk Profile (RCSA) and updated when risk trigger events occur
  • Work effectively with Line 2 colleagues to determine optimal course of action to remediate any significant data integrity issues within the BU.
  • Developing and driving execution of the risk and control environment strategy supporting the business partner’s strategy across Cyber Security.
  • Providing operational and compliance risk advice to the business on procedural and risk management issues under the Risk, Controls and Self Assessments (RCSA) and compliance attestations requirements that fall under CPS220, CPS231, CPS232 and, most importantly, CPS234.
  • Developing and producing executive reporting to provide insights across the portfolio from a risk lens and for senior management decisions in project steering groups.

We’re interested in hearing from people who have:

  • CA or CPA degree or any relevant tertiary qualifications in finance or risk management preferred
  • CISA, CRISC, CGEIT, CISM, ITIL, COBIT or other IT Risk related certifications (e.g. Basel II, GS007, AS3402,  ISO2700x)
  • Tertiary education in business, finance, economics, IT, or another quantitative field
  • Experience in Cyber risk & controls functions (experience of Identity controls beneficial, but not required) 
  • Ability to analyse/identify risks and opportunities and recommend appropriate actions
  • Influencing and consulting skills, the ability to build relationships with stakeholders at all levels
  • Ability to think critically and analytically and use data driven insights to solve problems
  • An advanced understanding and knowledge of the risk and control environment and framework with proven experience with operational and compliance risks

If you’re already part of the Commonwealth Bank Group (including Bankwest), you’ll need to apply through Sidekick to submit a valid application. We’re keen to support you with the next step in your career.

We’re aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696.

Advertising End Date: 17/08/2022