Head of Technology Risk

Tal · Sydney, Australia
Full-time · On-site · 2w ago
Compliance · Information Security · Leadership · Risk Management

About the role

The Head of Technology Risk is responsible for establishing and governing TAL's Technology Risk Management framework, providing independent oversight of the risks arising from the organisation's technology landscape, digital transformation programs, and data assets. This role ensures that TAL's technology risk profile is clearly understood, actively managed, and reported within the Board's approved risk appetite, and that TAL meets its obligations under APRA CPS 230, CPS 234, and CPS 220.

This is a critical first-line-of-defence leadership role within the Technology function, working in close partnership with the CIO, the broader Technology Leadership Team, Enterprise Risk, and the CISO to embed a strong risk management culture across all technology domains. The Head of Technology Risk is accountable for ensuring that technology risk is identified, assessed, and governed with rigour and transparency, and for providing the CIO and Board with the assurance needed to make confident, risk-informed decisions about TAL's technology investment and operations.

In this role you will:

Own and continuously enhance TAL's Technology Risk Management framework, ensuring alignment with Enterprise Risk Management and APRA standards across all risk domains (e.g. cyber, cloud, data, AI, change).
Lead end-to-end identification, assessment, and monitoring of technology risks, maintaining the Technology Risk Register and escalating material risks to the CIO and relevant committees.
Provide independent oversight of compliance with key APRA standards (CPS 230, CPS 234, CPS 220), including control effectiveness, remediation tracking, and regulatory engagement support.
Deliver executive-level technology risk reporting, highlighting risk profile, key trends, control performance, and remediation progress against risk appetite.
Lead Technology Operational Resilience, including critical operations, tolerance setting, and business continuity/disaster recovery governance and testing.
Oversee risk assessment for major technology initiatives (e.g. cloud, AI, transformation), ensuring risks are identified early and managed within appetite before execution.
Drive risk appetite, assurance, and culture across Technology, including KRIs, audit remediation, cross-functional alignment (Risk, Compliance, Legal, CISO), psychosocial risk management, and leadership of the Technology Risk team (including FAR obligations).

Minimum of 10 years of experience in a combination of technology risk, operational risk, IT audit, or technology governance, with at least three years in a Senior Manager or above role leading technology risk management functions within a highly regulated sector such as financial services, insurance, or banking.

Deep knowledge and practical experience of APRA prudential standards applicable to technology and operational risk, specifically CPS 230 (Operational Risk Management), CPS 234 (Information Security), and CPS 220 (Risk Management), and their application within a life insurance or financial services context.

Strong understanding of technology risk domains including infrastructure risk, cloud risk, application risk, data risk, cyber risk, AI risk, and technology change risk - and the ability to assess and govern each within a structured risk management framework.

Demonstrated experience designing and operating technology risk frameworks, including risk appetite and tolerance frameworks, key risk indicator (KRI) programs, control self-assessment processes, and technology risk registers within a regulated financial services environment.

Strong knowledge of industry risk frameworks and standards including NIST CSF, ISO 31000, COBIT, and ITIL, with the ability to apply these pragmatically in a technology organisation undergoing digital transformation and cloud adoption.

Industry-recognised professional certifications such as CRISC, CISM, CGEIT, or CISSP are highly regarded.
TAL is one of Australia's leading life insurers, committed to inclusion, and supporting the career growth of our diverse workforce. We're proud to be:

An Inclusive Employer - Recognised as Employer of Choice for Gender Equality by the Workplace Gender Equality Agency from 2014 to 2025 and 2023 to 2026 Bronze Tier Status within the Australian Workplace Equality Index
Diversity Champions - Member of Diversity Council Australia, Australian Disability Network, Pride in Diversity and Champions of Change
Reconciliation Advocates - Read our Innovate Reconciliation Action Plan.

We welcome applications from people with diverse experiences, perspectives and backgrounds including Aboriginal and Torres Strait Islander people, caregivers, individuals with disability/ies, people from culturally diverse backgrounds and the LGBTQ+ community.

Need adjustments during the recruitment process? Let our team know by getting in touch with us here - we're here to support you.

You're always accountable for your actions. You never give up. You strive to find the best outcomes for custom


Interested in this role?

Apply on the company's website.
