Commonwealth Bank

Senior Manager Risk and Controls – Technology, Cyber & AI

Sydney CBD Area · Posted 30 June 2026


Marketing & Corporate Affairs | Line 1 Risk

Do work that matters

At Commonwealth Bank, risk management is fundamental to how we protect our customers, our brand and our future.

The Marketing and Corporate Affairs (MCA) Chief Controls Office (CCO) is a Line 1 risk function providing integrated, pragmatic risk services that enable MCA to deliver strong customer and business outcomes safely.

MCA supports the Group to deliver marketing, brand, customer and stakeholder insights, reputation and trust stewardship, government relations, communications and environmental & social priorities. The decisions made here shape trust in CommBank every day.

Impact & contribution

  • As Senior Manager, Risk and Controls (Technology, Cyber & AI), you will play a critical role in shaping how MCA identifies, manages and enables technology-led innovation safely.

  • Your focus will be on strengthening the management of technology, cybersecurity and AI-related risks in order to facilitate the fast and safe deployment of MCA’s SaaS-heavy technology roadmap. You will drive risk practices that keep pace with rapid digital, data and AI adoption across MCA.

  • You will work closely with senior leaders to effectively navigate technology, operational risk and compliance risk frameworks. You will drive a positive, engaged and empowered risk culture that embeds risk thinking into decision-making.

  • You will help shape how AI risk is identified, governed and embedded as MCA adopts emerging AI-enabled capabilities, balancing innovation with responsible and compliant use.

  • This role combines strategic influence, technology expertise, a risk mindset and hands-on execution, with a strong expectation of owning and delivering core Line 1 risk activities end-to-end.

  • This role reports into senior leadership within the MCA Chief Controls Office and partners closely with Executive stakeholders across Marketing, Corporate Affairs and Environment & Social.

Key responsibilities

You will partner with the business to deliver a comprehensive and integrated Line 1 risk service, including:

  • Defining and actively managing MCA’s technology, cyber and AI risk profile, including identification, assessment and remediation of operational and compliance risks.

  • Leading end-to-end delivery of core Line 1 risk framework activities, including RCSAs, CSAs and CMRS, from scoping and facilitation through to documentation, review and uplift.

  • Owning risk artefacts (not just reviewing/advising), ensuring they are high quality, actionable and aligned to ORMF expectations.

  • Providing trusted, pragmatic risk advice to senior MCA stakeholders, balancing innovation, speed and control.

  • Acting as a key risk partner in technology change, digital initiatives, SaaS implementations and AI-enabled use cases, ensuring risks are understood and managed early.

  • Identifying risk and control gaps and driving these through to resolution, including escalation through governance forums where required.

  • Supporting robust governance outcomes, including preparation for and contribution to MCA Non-Financial Risk Committee forums.

  • Strengthening risk practices across MCA, including improving consistency, clarity and execution of risk framework activities.

  • Developing risk capability across the business, lifting risk maturity and embedding a proactive risk culture.

What we’re looking for

We’re interested in hearing from people who bring:

Technology, cyber, AI & SaaS risk experience

  • Experience managing technology, cyber and/or AI risks in complex environments

  • Exposure to SaaS platforms and third-party risk considerations, including assessing and challenging risk positions

  • Ability to support modern technology delivery (including fast-paced and AI-enabled environments) with practical, risk-based solutions

Strong Line 1 execution capability

  • Experience across risk lifecycle activities (e.g. RCSA, incidents, issues, governance and reporting)

  • Sound to strong understanding of Operational Risk Management Frameworks and non-financial risk practices

  • Confidence contributing to governance forums and driving risk outcomes through formal channels

Problem solving & delivery mindset

  • Proven ability to identify risk and control gaps and see them through to resolution

  • Structured approach to prioritisation, balancing materiality, stakeholder impact and delivery timelines

  • Comfortable operating in a fast-paced, evolving environment with competing priorities

Stakeholder engagement & influence

  • Strong stakeholder management skills, with the ability to partner closely with business and technology teams

  • Ability to influence senior stakeholders and provide balanced, commercially aware risk advice

Communication & impact

  • Clear, structured and concise communication style

  • Ability to respond directly to questions and articulate risk positions with clarity and impact

  • Strong ability to tailor messaging for both technical and non-technical audiences

Motivation & alignment to MCA

  • A genuine interest in working within Marketing & Corporate Affairs and understanding how risk supports brand, reputation and customer outcomes

  • Desire to operate as a hands-on Line 1 practitioner, embedded in the business and close to delivery

Why this role is distinct

This role reflects a broader shift in how Risk operates - toward a more connected, insight-driven and commercially aware practitioner model.

You will have the opportunity to influence not only risk outcomes, but also how risk is embedded within a highly visible and dynamic business unit.

You will work at the intersection of technology, cyber, AI and brand risk, helping shape safe innovation in a part of the bank that directly impacts customer trust and reputation.

You will join a team that values thoughtful challenge, accountability and practical delivery - where strong judgement, clear communication and hands-on execution are critical to success.

We support our people with the flexibility to balance where work is done with at least half their time each month connecting in office. We also have many other flexible working options available including changing start and finish times, part-time arrangements and job share to name a few. Talk to us about how these arrangements might work in the role you’re interested in.

If you're already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you'll need to apply through Sidekick to submit a valid application. We’re keen to support you with the next step in your career.

We're aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696.

Advertising End Date: 10/07/2026