Manager: IT Risk (Line 1) at Commonwealth Bank

Job description

The Commonwealth Bank Group is executing a plan to enter and disrupt the South African banking market. This will be achieved through a combination of innovative technology platforms, simple transparent and relevant customer offers, unique and differentiated partnerships and a distinctive focus on digital banking. Our strategy is one of financial inclusion – we are looking to breaking down the barriers to participation in the formal financial system. We will do this through a combination of this ultra-low cost innovative digital banking proposition together with an emphasis on financial literacy where we will deliver the knowledge and understanding that is a prerequisite to trust and participation.

The Purpose Of The Role

You will implement best practice operational risk management frameworks and practices across CBSA. You must ensure a risk based approach to risk management across everything we do and must ensure that potential risks are identified, assessed, considered, reported on and understood by business leaders when making decisions.

You Will

• Perform the following tasks in manner consistent with CBA’s values of Integrity, Accountability, Collaboration, Service and Excellence. People Capabilities will be at the forefront of what you do including Customer Focus, Team & Culture, Continuous Improvement, Effective Communication, Judgement and Drive Results.
• Implement the operational risk management framework, processes and practices, addressing people, process and technology risk across all business units including the roll out of risk and control self-assessment, control assurance, key risk indicators, internal loss data and issue management.
• Ensure that the technology risk practices, processes and culture are appropriate and adequate to prevent negligence and loss to the organization.
• Provide input to the development and implementation of relevant risk policies that support the integrated framework for technology risk within operational risk
• Develop and implement reporting for areas of responsibility and ensure that the Chief Technology and Operations Officer for TYME and Line 2 Risk are kept informed of emerging risks and ongoing performance.
• Participate, facilitate and lead as required in reviews.
• Provide recommendations on key technology and other operational risks and control issues within material projects, new products or process changes. Provide advice to the IFS businesses on the remediation of incidents identified through the Incident Management process.
• Escalate any areas of concern and ensure remedial steps are identified and implemented
• Support with the implementation of appropriate financial crime risk processes and practices across all proprietary business units for sanctions management, anti-bribery & corruption and anti-money laundering.
• Perform deep dive and thematic reviews as required.
• Perform root cause analysis and lessons learnt on risk events.
• Identify potential fraud risks, cyber and information security risks and highlight to management.
• Identifying technology risk, evaluating design and operating effectiveness of system controls.

What will make you successful?

• Professional membership such as CISA or equivalent desirable.
• Tertiary qualifications in a finance, technology or commerce discipline desirable.
• Understanding the business, it’s processes and possible weaknesses to be able to implement the elements of the Operational Risk Management Framework.
• 7 years’ experience in implementing and managing operational risk management frameworks in a banking, telecoms or insurance environment with specialization in Technology Risk.
• Experience in technology risk governance and strong understanding of regulations relating to technology risk, and information security.
• Ability to identify technology and other operational risks, assist the business to implement good risk practices
• Be able to multi task and be a self-starter.
• Ability to work with a broad range of stakeholders.

We are committed to building a respectful and inclusive workplace, appointing the best person for the role, supporting diversity. All information will be held in the strictest of confidence.