Manager, Risk and Control Enablement - Permanent role

See yourself in our team:

Enterprise Services (ES) delivers the Group's information technology and banking operations functions to ensure the highest levels of customer service through world-class process excellence and technology innovation.

To do this, ES has a strategy with two clear goals of delivering iconic customer and employee experiences, and simplified and standardised technology and processes. ES is the Group's engine room committed to delivering available, reliable, consistent technology solutions for our internal and external customers

The ES Controls Office aims to ensure that Enterprise Services significantly reduces or removes the potential for Enterprise Services and its staff to be exposed to adverse impacts arising from compliance breaches, people and failed internal processes, systems or external events related to the use of data and associated privacy requirements. The ES Controls Office brings together specialist risk advice, including Risk Engagement, Supplier Risk, Controls Assurance and Risk in Change, to support the business in the delivery of their outcomes within an effective risk culture. We work closely with ES to deliver insights to enable effective risk decision making and with Line 2 Risk function to ensure that Enterprise Services has sufficient capability to comply with regulations and build trust with its customers.

Do work that matters:

The Manager, Risk and Control Enablement is part of the ES CCO team that supports the Chief Data Office (CDO) on risk in change activities. The team is responsible for ensuring that new and changing processes are assessed, awareness is raised and risk mitigations are in place. They achieve this by assessing the effective design and implementation of controls to enable compliance and supporting the business through new and changing processes.

This role will work closely with stakeholders in the Privacy Program, delivery owners across ES and the business to strengthen and drive effective technology and privacy risk management, and assist with uplifting controls and risk culture.

This role will report to the Senior Manager, ES CCO CDO and will support General Managers (GMs) and Executive Managers (EMs) in providing risk services with all elements of the ORMF/CRMF.

This role is required to act with independence and must have the ability to influence stakeholders by actively building and maintaining valuable relationships with:

• Group Privacy Office
• Digital Protection Group Privacy SMEs
• Chief Data Office
• Line 2 Compliance
• Relevant Privacy related programs

A key responsibility for this role includes:

You will be expected to perform the following tasks in a manner consistent with CBA's Values and People Capabilities:

• Oversee and accountability for the review of design and implementation / support the business project teams to design and implement controls to enable better risk and compliance outcomes, providing guidance and advice to senior leaders on their application
• Deliver and complete required risk-in-change assessments for the privacy technology component of the Privacy program.
• Facilitate RiskinChange workshops with relevant stakeholders and provide challenge where required.
• Consult and collaborate with the Privacy team, ES Controls Office, Cyber Security, Line 2, Line 3 and other SME's to determine optimal course of action to remediate gaps identified within Cyber Privacy projects.
• Identify, initiate and manage actions to mitigate risks and to strengthen controls, including issues identified through privacy, security and technology risk assessments.
• Develop and contribute to Privacy reporting deliverables and provide insights from a risk lens for management decisions.

We're interested in hearing from people who have:

• Relevant industry experience and tertiary education, preferably with a background in Privacy, Compliance, Legal, Risk or Technology Controls, project change risk (risk-in-change) gained in a global financial institution, regulatory authority or professional services firm
• 5+ years' experience in banking/financial services/other relevant experience, and/or minimum 2+ years' experience in Privacy, Technology, Cyber or Operational Risk management roles
• IT / Cyber / Privacy practitioner experience is beneficial or other IT Risk related certifications (e.g. ISO2700x, PCI/DSS, CISA, CISM, ITIL, COBIT)
• A sound understanding and knowledge of the risk and control environment and framework with proven experience with operational and compliance risks

If you are an experienced professional with a desire to take on complex work/projects then we would love to hear from you!

Whether you're passionate about customer service, driven by data, or called by creativity, a career here is for you.

Our people bring their diverse backgrounds and unique perspectives to build a respectful, inclusive and flexible workplace. One where we're driven by our values, and supported to share ideas, initiatives, and energy. One where making a positive impact for customers, communities and each other is part of our every day.

Here, you'll thrive. You'll be supported when faced with challenges, and empowered to tackle new opportunities. We really love working here, and we think you will too.

We're determined to make a real difference for Australia's first peoples. We encourage all interested applicants to apply. If you're already part of the Commonwealth Bank Group (including Bankwest), you'll need to apply through Sidekick [link removed] to submit a valid application. We're keen to support you with the next step in your career.