Chapter Lead Chief Controls Office - Fraud, Scams and Business Disruption Risk

Eveleigh, NSW - 1 Locomotive Street, Australia

Commonwealth Bank

CommBank offers personal banking, business solutions, institutional banking, company information, and more


See yourself in our team:

Technology is responsible for the world-leading application of technology across every aspect of CommBank, from innovative product platforms for our customers to essential tools within our business.

The Chief Controls Officer (CCO) is responsible for ensuring that the business effectively manages non-financial risks, is aligned with fair outcomes for customers and, in particular, responds to changing Board and regulatory expectations.

Do work that matters:

Technology CCO (TCCO)’s purpose is to ensure our technologists have the capabilities to effectively manage non-financial risks and provide secure and always available technology products and services to our customers.

The TCCO Technology, Security and Data team works closely with the Chief Information Officers across Technology to ‘shift left’ by driving an emphasis on inherent risk reduction through modernisation and simplification of the Group’s technology estate. This is in parallel to ensuring the current control environment is being effectively managed, ensuring risks (current and emerging) are transparent and have robust treatment plans, and enabling the delivery of key strategic objectives through simple and proactive risk advice and assessment.

Key responsibilities for this role include:

  • Lead and build the professional capability of your team of experienced Fraud and Scams, and Business Resilience risk professionals.

  • Work closely with the Chief Security Officer Leadership team to uplift risk management culture and practices.

  • Support the Risk Stewards for Fraud & Scams, and Business Disruption, including activities to drive continuous improvement across the end-to-end risk and control environment, and reporting to the Technology Non-Financial Risk Committee (NFRC), Extended Leadership Team NFRC, Board and Board Risk Committee.

  • Support the Group Security CIO function to ‘shift left’, driving an emphasis on reducing inherent risk through a simpler, modern technology estate and decreasing dependency on controls alone to achieve target residual risk positions.

  • Develop, embed and monitor the operating model for an efficient and effective line 1 function covering compliance, regulatory change, conduct and operational risk to support the management, governance and oversight of Group Security’s non-financial risk. This includes targeted deep dives on the risk and control environment to proactively identify and ensure remediation of systemised control improvements where possible.

  • Collaborate with key stakeholders in Group Security and SMEs to sustain a culture that is enabling of strategic objectives and also appropriately sceptical, control aware and cognisant of key customer and business risks.

We’re interested in hearing from people who have:

  • Advanced understanding and knowledge of the risk and control environment with proven experience across one or more domain areas of fraud & scams, business resilience, operational risk, compliance and regulatory change within a Technology domain

  • Proven leadership in a large/complex organisation, ideally a financial institution or Technology company

  • Strategic thinking and an ability to drive the team to analyse trends, identify critical threats, insights and opportunities, diagnose problems and issues and recommend appropriate actions

  • Demonstrated experience in leading and/or providing risk advice and support of large complex organisational change in response to Technology transformation or regulatory change initiatives

  • Ability to develop constructive working relationships with a large and varied stakeholder group at all levels of seniority across a Business Unit

  • Product or tooling knowledge across fraud and scams, business resilience or CISM, CISA, CRISC, CGEIT, CDPSE, COBIT, ITIL, CISSP or other IT risk related certifications (e.g. ISO200x, PCI/DSS) is favourable

If this sounds like the role for you then we would love to hear from you. Apply today!

We support our people with the flexibility to balance where work is done with at least half their time each month connecting in office. We also have many other flexible working options available including changing start and finish times, part-time arrangements and job share to name a few. Talk to us about how these arrangements might work in the role you’re interested in.

If you're already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you'll need to apply through Sidekick to submit a valid application. We’re keen to support you with the next step in your career.

We're aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696.

Advertising End Date: 02/04/2025


Tags: CISA CISM CISSP COBIT Compliance CRISC Governance ITIL Risk management

Perks/benefits: Equity / stock options Flex hours

Region: Asia/Pacific
Country: Australia
