Risk and Control Governance, Planning and Reporting Senior Manager

Organization: At CommBank, we never lose sight of the role we play in other people’s financial wellbeing. Our focus is to help people and businesses move forward to progress. To make the right financial decisions and achieve their dreams, targets, and aspirations. Regardless of where you work within our organisation, your initiative, talent, ideas, and energy all contribute to the impact that we can make with our work. Together we can achieve great things.

Job Title: Risk and Control Governance, Planning and Reporting Senior Manager
Location: Bengaluru - Manyata Tech Park

Business & Team: The Technology Chief Controls Office (CCO) team is a Line 1 risk team responsible for supporting CBA in continuing to mature its risk culture and establish and maintain strong risk practices. Technology CCO is responsible for providing end to end risk advice and guidance. We support our delivery teams across CommBank in their development and operation of solutions ranging across innovative product platforms for our customers to essential tools within our business.

Impact and Contribution: The Senior Manager, Risk and Control Enablement is part of Compliance and Privacy Risk is part of the Technology CCO team for ensuring:

• Privacy risks for any new and changing processes are assessed, awareness is raised, risk mitigations are in place, embedded and sustainable. They achieve this by assessing the effective design and implementation of controls to enable compliance and support the business through new and changing processes.

• Provide support to Technology businesses to implement regulatory engagement, regulatory changes and compliance policy changes that affect Technology

• Operate as a centralized risk and controls function within the broader technology organization with the primary mission to enhance the organization’s ability to deliver change safely, including building resilient Operational risk and compliance capabilities, reducing technology-related risk debt, and embedding a proactive, risk-aware culture across all technology crews.
  

Roles & Responsibilities:

• Adhere to the Code of Conduct . The Code of Conduct sets the standards of behaviour, actions and decisions we expect from our people.

• Lead and support Technology BU / SUs on Privacy Risk matters and Regulatory Changes to enable better risk and compliance outcomes

• Lead and coach team members conduct privacy assessments, review obligation applicability assessments, control assessments, technology risk assessments, root cause analysis of issues and incidents, identifying and implementing control improvements

• Lead and advise on effective design and implementation of controls for all new and changes to processes and operations for Privacy and Compliance

• Partner with the business to deliver pragmatic insights that enable risk based and informed decision-making and provide assurance over controls

• Advise and articulate business impacts to stakeholders on privacy and compliance policy changes and regulatory changes

• Build a proactive and high performing culture and capabilities for privacy, compliance, risk and controls.

• Possess sound technical knowledge to support and lead activities/ initiatives across other TCCO teams.

• Lead and build a proactive risk and control culture.

• Delivery of risk and control enablement initiatives to achieve better risk outcomes.

PEOPLE MANAGEMENT

• Provide local line management to India resources of different portfolios.

• Coaches and nurture the broader TCCO India team members to help them grow technically.

• Drive continuous improvements and champion a learning mindset to enable a future-fit workforce
  

Essential Skills:

• Minimum 13 years’ experience in risk and/or control advisory in banking/financial services/professional services or other relevant sectors

• Strong experience working in Privacy, Technology, Operational Risk practitioner roles

• Excellent stakeholder management, communication skills, critical thinking, problem-solving skills and ability to provide constructive challenges

• Experience with project change risk (Risk in Change) and change management

• Understanding of impacts on CBA of APRA standards (not limited to CPS220, 231, 232, 234, 235) and Privacy regulations

• Strong knowledge of Privacy and Compliance Risk Frameworks

• Ability to adapt to working in complex environments with ambiguity to deliver consistent high quality business outcomes
  

• Bachelor’s degree/Master’s degree in Engineering in Computer Science/Information Technology

• Professional certificates like CISA, CRISC, CGEIT, CISM, ITIL, COBIT or other IT Risk related certifications (e.g. Basel II, GS007, AS3402, ISO2700x) will be preferred

Advertising End Date: 07/11/2025