Service Manager- Risk Performance
Service Manager Risk Performance - Permanent Full Time See yourself in our team:
Enterprise Services (ES) is responsible for the world leading application of technology and operations across every aspect of CommBank, from innovative product platforms for our customers to essential tools within our business. We also use technology to drive efficient and timely processing, an essential component of great customer service.
CommBank is recognised as leading the industry in IT and operations with its world-class platforms and processes, agile IT infrastructure, and innovation in everything from payments to internet banking and mobile apps.
Within Enterprise Services, the Chief Data Office is accountable for leading the Group data agenda by ensuring we build, consume and protect the best data assets to maximize customer experience and rebuild trust. The Chief Data Office is accountable for data strategy, data transformation programs, data governance and remediation programs of work, Privacy program as well as delivery of $100m projects within the CDO remit.
Your team is of data management, analytics, information management, Decisioning and privacy management professionals, driven to enhance the financial wellbeing of our customers in a safe, sound and secure way. Collectively the team is defining, designing, developing and delivering the multiple and focused initiatives including capability uplift, best-practice, regulatory compliance, governance and platforms from which the business can use to deliver better customer outcomes The team is accountable for the ownership and governance of Group-wide data elements including master reference data and the Group's key analytics capabilities including GDW, Omnia, SAS, R, Tableau, Oracle BI, Ab Initio and Data Stage. Do work that matters:
This role will be accountable to helping build and improve the current state of service management and risk capabilities of teams across CDO from a governance and assurance perspective. A direct contribution of this role will be to improve outcomes across all CDO IT Services reflected in significantly improved risk profile, operational performance and enhanced KPI results for CDO.
This is a senior experienced role that provides the opportunity to represent CDO across a multitude of aspects such as risk & controls management, identity & access management, vulnerability tracking, reporting & remediation and lifecycle management with an aim to enhance and improve overall risk posture. A key responsibility for this role includes:
You will be expected to perform the following tasks in a manner consistent with CBA's Values and People Capabilities:
We're interested in hearing from people who have:
- Provide support and guidance around key governance, risk & assurance aspects of service management such as Identity & Access management, Lifecycle management, Vulnerability management, ARC/RRP and Controls management to various portfolio managers and tribe leads across CDO;
- Be the central point of contact for Controls Self-Assessment, internal and external audit and/or CAP coordination for CDO;
- Represent CDO in all events around service and risk management- examples being Service Management Guild & Controls Management workshops and inform and embed new enhanced approaches across all relevant CDO teams;
- Conduct and facilitate in-depth reviews of systems through controls self-assessment (CSA) along with the portfolio managers and tribe leads to uncover any hidden risks and/or assist in preparing go-to green plans to remediate known issues;
- Play an active role across CDO in facilitating reviews around cyber-security covering security exemptions, vulnerability & configuration management, identity & access management, cyber-security non-negotiables and penetration testing;
- Facilitate open-handover of PPMC risks, cyber-security findings and self-identified risks to BAU and work closely with Line 1 risk counterparts to get these raised in the relevant risk system (i.e. Riskinsite) as appropriate for active monitoring and tracking.
If you are an experienced professional with a desire to take on complex work/projects then we would love to hear from you!
- Preference for candidates who have worked in Big 4 consulting firms (EY, PwC, Deloitte, KPMG, Protiviti, etc.) or a highly busy corporate environment such as a Large Bank, Insurance or Telecom company;
- Strong technology risk, ideally service delivery and /or IT industry experience with a focus on risk and controls;
- Strong knowledge around key aspects of risk performance such as IT risk & control, IT audit (general controls and application controls) ;
- Good understanding of vulnerability management, Identity & Access Management, Penetration Testing and Supplier Risk Management would be valued;
- Strong service management (including Configuration Management/ CMDB) along with Risk/Audit request fulfilment experience;
- Information Technology and/or Business Management qualifications ideally focused on aspects of IT risk management and/or IT audit/cyber-security;
- ITIL V3 foundation, CISA/CISSP/CISM qualifications would be highly valued but not essential.
If you're already part of the Commonwealth Bank Group (including Bankwest), you'll need to apply through Sidekick to submit a valid application. We're keen to support you with the next step in your career.
Advertising End Date: 26/11/2020