Senior Risk Manager, IT Cyber

Join to apply for the Senior Risk Manager, IT Cyber role at Colonial First State

This position is part of the independent Line 2 Risk function which is led by the Group Chief Risk Officer (CRO).

Are you ready to be part of an organisation that values expertise, passion and diversity? At CFS we know that the foundation of our success lies in our exceptional people. We believe in celebrating individuality, have a passion for high performance and creating an environment where you can unleash your full potential. Our people enable us to make a difference and deliver exceptional experiences to help our customers achieve financial freedom.

This position is part of the independent Line 2 Risk function which is led by the Group Chief Risk Officer (CRO).

• Provide independent oversight, effective challenge, and expert advice on technology and cyber risks across the organisation as a Senior Manager in the Line 2 IT & Cyber Risk Advisory team.
• Support the Chief Information Security Officer (CISO), Chief Risk Officer (CRO), and senior business stakeholders in managing risk within appetite and regulatory expectations.
• Provide Line 2 oversight and challenge of the enterprise's IT and cyber risk management practices.
• Act as a trusted advisor to the business, technology, and cyber security teams on emerging risks, control effectiveness, and risk mitigation strategies.
• Independently assess the adequacy and effectiveness of IT and cyber controls.
• Review and challenge key risk and control assessments, risk acceptance decisions, and IT/cyber components of material change programs.
• Support the ongoing implementation and uplift of the enterprise risk management framework, focusing on IT and cyber domains.
• Contribute to Line 2 risk reporting to senior executives, Board Risk Committees, and regulators.
• Collaborate with Line 1 Technology, Cyber Security, and Business Units to uplift risk maturity.
• Lead Line 2 risk reviews or deep dives into high-risk IT environments or significant incidents.

• Experience in IT risk, cyber risk, internal audit, and/or technology assurance roles, preferably in the Financial Services industry.
• Strong knowledge of regulatory frameworks such as APRA CPS 234, CPS 230, CPS 231, NIST, ISO 27001/2, COBIT, and/or ITIL.
• Highly collaborative, with excellent communication skills and ability to influence senior stakeholders.
• Ability to balance commercial acumen with risk stewardship.
• Prior experience in a Line 2 Risk role or relevant consulting/advisory experience highly regarded.
• Tertiary qualifications in Information Technology, Cybersecurity or Risk Management and relevant certifications preferred (e.g. CISM, CRISC, CISSP, CISA).

This is an exciting opportunity to shape and uplift cyber risk management in a changing regulatory environment, work closely with senior stakeholders, and advance your career at CFS. We are open to considering candidates from a wide range of backgrounds, including Line 1/2/3 Risk, professional services or strong operational experience in Technology and Cyber.

• At CFS, you'll be working among the very best in the wealth management industry. It's an inspiring environment that encourages development and celebrates success.
• Access to CFS Employer Super, which offers an expansive investment menu and flexible insurance solutions
• Support with financial services, including discounts on home loans and daily bank accounts through our partnership with a leading financial institution
• Access to 24/7 confidential support covering safety, medical and mental health services
• Life Leave - 3 days per annum to focus on your wellbeing or celebrate a special event
• Exclusive discounts on retail, travel and entertainment
• Additional leave day to celebrate your birthday

At CFS we are committed to creating a thriving environment where individuals can flourish. We believe that success is built upon strong teams, and we are dedicated to celebrating uniqueness, championing individuality and supporting a diverse and inclusive workforce.

Please note, CFS requires all candidates to have full work rights in Australia.

Where we have preferred candidates, background checks (including Police, Employment, Bankruptcy checks, ASIC banned and disqualified persons) will be completed prior to the final preferred candidate's employment being confirmed. The outcomes of the background checks do not preclude the preferred candidate, however, they will be assessed against the inherent requirements of the role.

This role is based on Gadigal land (Sydney). Other locations can be considered.