Posted:
11/18/2024, 1:23:51 AM
Location(s):
Sydney, New South Wales, Australia ⋅ New South Wales, Australia
Experience Level(s):
Expert or higher ⋅ Senior
Field(s):
Legal & Compliance
See yourself in our team:
Group CIO Technology delivers the Group’s information technology and banking operations functions to ensure the highest levels of customer service through world-class process excellence and technology innovation.
To do this, Technology has a strategy with two clear goals of delivering iconic customer and employee experiences and simplified and standardised technology and processes. Technology is the Group’s engine room committed to delivering available, reliable, consistent technology solutions for our internal and external customers.
Do work that matters:
The Manager, Risk and Control Enablement Privacy Risk and Compliance is part of the Technology CCO team for ensuring:
Privacy risks for any new and changing processes are assessed, awareness is raised, risk mitigations are in place, embedded and sustainable. They achieve this by assessing the effective design and implementation of controls to enable compliance and supporting the business through new and changing processes
Provide support to Technology businesses to implement regulatory engagement, regulatory changes and compliance policy changes that affect Technology
This role will work closely with stakeholders in the Group Privacy Office, Cyber, Line 2 and delivery owners across Technology. They’ll also work in partnership with the business to strengthen and drive effective privacy, compliance risk management and Group regulatory engagement to uplift controls, risk culture, and ensure we meet all regulatory requirements and practices are sustainable and embedded into BAU.
This role will report to the Senior Manager, Technology CCO Central and will support General Managers (GMs) and Executive Managers (EMs) in providing risk services with all elements of the Operational Risk Management Framework (ORMF)/Compliance Management Framework (CMF) and Group Regulatory Engagement Standard (GRES). This role is required to act with independence and must have the ability to influence stakeholders by actively building and maintaining valuable relationships with:
Privacy, Cyber and Technology SMEs
Service Owners
Chief Data and Analytics Office
Relevant Technology, Privacy and Cyber related programs
Line 2 Operational Risk and Compliance
Technology CCO peers
Group Privacy Office
Peer BU/SU CCO teams
Key responsibilities for this role include:
Oversee and support the business on the design and implementation of compliance arrangements, controls to enable better risk and compliance outcomes, providing guidance and advice to senior leaders on their application
Coach extended team members to conduct and review obligation applicability assessment, control assessments, technology risk assessments, root cause analysis of issues and incidents, identifying and implementing control improvements
Oversee and advise on effective design and implementation of compliance arrangements, controls for all new and changing processes and operations
Accountable for and provide guidance to stakeholders to ensure the correct obligation, risk and controls overlay the end-to-end process mapping and documentation management to support the compliance and control process
Partner with the business to deliver pragmatic insights that enable risk based and informed decision-making and provide assurance over controls.
Oversee and advise the business on compliance policy changes and regulatory changes
Build a proactive compliance, risk and control culture and capabilities
We’re interested in hearing from people who have:
Experience of risk and/or control advisory in banking/financial services/professional services other relevant sector, and/or experience in Privacy, Technology, Cyber or Operational Risk practitioner roles
Experience with project change risk (Risk in Change) and change management
CISM, CISA, CRISC, CGEIT, CDPSE, COBIT, ITIL, CISSP or other IT risk related certifications (e.g. ISO200x, PCI/DSS) holder is favourable
Familiarity with APRA standards (not limited to CPS220, 231, 232, 234, 235) or Privacy regulations is favourable
Knowledge of Privacy and Compliance Risk frameworks would be advantageous
Good soft skills, including stakeholders’ management, critical thinking, ability to provide constructive challenge, report writing
If this sounds like the role for you then we would love to hear from you. Apply today!
We support our people with the flexibility to balance where work is done with at least half their time each month connecting in office. We also have many other flexible working options available including changing start and finish times, part-time arrangements and job share to name a few. Talk to us about how these arrangements might work in the role you’re interested in.
If you're already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you'll need to apply through Sidekick to submit a valid application. We’re keen to support you with the next step in your career.
We're aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696.
Website: https://commbank.com.au/
Headquarter Location: Sydney, New South Wales, Australia
Employee Count: 10001+
Year Founded: 1911
Last Funding Type: Post-IPO Debt
Industries: Banking ⋅ Finance ⋅ Financial Services ⋅ Wealth Management