Senior Manager Risk and Controls - Technology, Cyber & AI

Responsibilities

• You will partner with the business to deliver a comprehensive and integrated Line 1 risk service, including:
• Defining and actively managing MCA's technology, cyber and AI risk profile, including identification, assessment and remediation of operational and compliance risks.
• Leading end-to-end delivery of core Line 1 risk framework activities, including RCSAs, CSAs and CMRS, from scoping and facilitation through to documentation, review and uplift.
• Owning risk artefacts (not just reviewing/advising), ensuring they are high quality, actionable and aligned to ORMF expectations.
• Providing trusted, pragmatic risk advice to senior MCA stakeholders, balancing innovation, speed and control.
• Acting as a key risk partner in technology change, digital initiatives, SaaS implementations and AI-enabled use cases, ensuring risks are understood and managed early.
• Identifying risk and control gaps and driving these through to resolution, including escalation through governance forums where required.
• Supporting robust governance outcomes, including preparation for and contribution to MCA Non-Financial Risk Committee forums.
• Strengthening risk practices across MCA, including improving consistency, clarity and execution of risk framework activities.
• Developing risk capability across the business, lifting risk maturity and embedding a proactive risk culture.

Requirements

• We're interested in hearing from people who bring:
• Technology, cyber, AI & SaaS risk experience
• Experience managing technology, cyber and/or AI risks in complex environments
• Exposure to SaaS platforms and third-party risk considerations, including assessing and challenging risk positions
• Ability to support modern technology delivery (including fast-paced and AI-enabled environments) with practical, risk-based solutions
• Strong Line 1 execution capability
• Experience across risk lifecycle activities (eg. RCSA, incidents, issues, governance and reporting)
• Sound to strong understanding of Operational Risk Management Frameworks and non-financial risk practices
• Confidence contributing to governance forums and driving risk outcomes through formal channels
• Problem solving & delivery mindset
• Proven ability to identify risk and control gaps and see them through to resolution
• Structured approach to prioritisation, balancing materiality, stakeholder impact and delivery timelines
• Comfortable operating in a fast-paced, evolving environment with competing priorities
• Stakeholder engagement & influence
• Strong stakeholder management skills, with the ability to partner closely with business and technology teams
• Ability to influence senior stakeholders and provide balanced, commercially aware risk advice
• Communication & impact
• Clear, structured and concise communication style
• Ability to respond directly to questions and articulate risk positions with clarity and impact
• Strong ability to tailor messaging for both technical and non-technical audiences
• Motivation & alignm

Additional Information

Senior Manager Risk and Controls - Technology, Cyber & AI Marketing & Corporate Affairs | Line 1 Risk Do work that matters At Commonwealth Bank, risk management is fundamental to how we protect our customers, our brand and our future. The Marketing and Corporate Affairs (MCA) Chief Controls Office (CCO) is a Line 1 risk function providing integrated, pragmatic risk services that enable MCA to deliver strong customer and business outcomes safely. MCA supports the Group to deliver marketing, brand, customer and stakeholder insights, reputation and trust stewardship, government relations, communications and environmental & social priorities. The decisions made here shape trust in CommBank every day. Impact & contribution As Senior Manager, Risk and Controls (Technology, Cyber & AI), you will play a critical role in shaping how MCA identifies, manages and enables technology-led innovation safely. Your focus will be on strengthening the management of technology, cybersecurity and AI-related risks in order to facilitate the fast and safe deployment of MCA's SaaS-heavy technology roadmap. You will drive risk practices that keep pace with rapid digital, data and AI adoption across MCA. You will work closely with senior leaders to effectively navigate technology, operational risk and compliance risk frameworks. You will drive a positive, engaged and empowered risk culture that embeds risk thinking into decision-making. You will help shape how AI risk is identified, governed and embedded as MCA adopts emerging AI-enabled capabilities, balancing innovation with responsible and compliant use. This role combines strategic influence, technology expertise, a risk-mindset and hands-on execution, with a strong expectation of owning and delivering core Line 1 risk activities end-to-end. This role reports into senior leadership within the MCA Chief Controls Office and partners closely with Executive stakeholders across Marketing, Corporate Affairs and Environment & Social.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at cba? Share your experience