Senior Manager Cyber Risk

Job Description

Commonwealth Bank CommBank offers personal banking, business solutions, institutional banking, and more. Are you a seasoned professional in the realm of Cyber Risk, equipped with a keen understanding of the complexities surrounding security challenges? We are seeking a Senior Manager who excels in navigating the intricacies of cyber risk management, particularly in governance and control frameworks. In this Line 2 risk management role, your expertise will be instrumental in guiding technical teams and shaping approaches to mitigate cyber risks. See yourself in our team: The Technology and Operations (Tech & Ops) Risk team is responsible for providing specialist Operational Risk and Compliance (OR&C) advice and assurance of decisions made across the Technology, Chief Operating Office, and Business Unit divisions. Do work that matters: The purpose of this role is to serve as a leader within the Cyber Risk team in the Tech & Ops Risk division, supporting the Group Security function. You will collaborate with the Executive Manager Cyber Risk to provide independent Line 2 advice and assurance regarding the implementation of the Risk Management Approach and the Operational Risk and Compliance Management Framework. Additionally, you will play an active role in enhancing risk capabilities across the Cyber Security functions. Key responsibilities for this role include: Collaborate with and provide SME risk management advice to crews aligned to cyber domains that mainly cover: Application & Service Protection, Data Security, Cloud Security, Third Party Security, Identity & Access Management and Security Education. Provide independent, pragmatic and value-adding Operational Risk advice and assurance for technology and cyber risks across the Group. Support the Executive Manager through monitoring and reporting on the three lines of accountability (3LoA) activities, including the Risk Management Approach, the Operational Risk Management Framework, and the Compliance Management Framework in support of CPS 220. Contribute to the oversight and monitoring of key technology and cyber risks, controls, issues, incidents, and risk-in-change. Support the appropriate identification, escalation and reporting of all related technology and cyber risk and compliance matters to the relevant stakeholders. Work as part of a cross-skilled team that can support a range of inter-connected risk domains, contributing to appropriate Line 2 oversight and challenge. Provide ideas for Line 2 risk management and assurance activities, data analytics and stakeholder reporting; contribute to a culture of learning and collaboration. Develop and maintain partnerships with stakeholders; become a trusted advisor using commercial acumen and practical recommendations. We’re interested in hearing from people who have: Extensive experience in cyber security with sound knowledge of applicable industry standards, frameworks, and regulations (e.g. CPS234, NIST CSF, Essential 8). Preference for a recognised information security certification (e.g. CISSP, CISM, CRISC). Sufficient technical acumen to engage with the cyber teams and have meaningful conversations about risk requirements or prioritisation. Background in Operational Risk and Compliance with technology and cyber risk management specialties within the Financial Services industry highly regarded. High quality written and verbal communication skills, report writing, evidence gathering and data analysis capabilities. Stakeholder and influencing skills with the ability to proactively engage Line 1 teams and engender trust with pragmatic, commercially balanced risk advice. A curious and humble mindset, understanding of external trends and changes, interest in continuous learning, to build risk management best practice. If you live the values and demonstrate the people capabilities we can offer great opportunities. We support our people with the flexibility to balance where work is done with at least half their time each month connecting in office. We also have many other flexible working options available including changing start and finish times, part-time arrangements and job share to name a few. If this sounds like the role for you then we would love to hear from you. Apply today! Advertising End Date: 23/02/2025. #J-18808-Ljbffr