Cyber & Business Resilience Manager

Challenger Limited is an ASX-listed investment management firm managing $123.9 billion in assets (as at 30 June Life with us is fast moving and always exciting. Together we're driving to deliver our vision to provide our customers with financial security for a better retirement.

We achieve this goal by providing a work environment where people from diverse backgrounds, with a range of skills and experiences can contribute and succeed.

Join us as our Cyber & Business Resilience Manager - Lead Incident Response and Crisis Preparedness

• This is a key role driving Challenger's cyber incident response and resilience strategy, with major initiatives underway — including crisis simulations, regulatory uplift, and resilience maturity improvements.

• Reporting to our Chief Information Security Officer (CISO), this Line 2 risk role focuses on cyber response oversight, resilience uplift, and continuous improvement.

• We work flexibly from our Sydney CBD office — typically three days in the office and two days from home.

About the role

We're seeking a proactive cyber and resilience specialist to lead Challenger's incident response, resilience and crisis management frameworks — strengthening our ability to respond effectively to cyber events and operational disruptions.

You'll work with a wide range of stakeholders across Challenger — ranging from representatives across all Divisions, the Leadership Team, and the Board — and contribute to strengthening our resilience posture across the organisation.

You'll own and enhance cyber playbooks and resilience documentation, manage tabletop exercises, and support business units in maintaining accurate and tested business continuity plans. With a strategic lens, you'll contribute to uplift programs that improve engagement, tools, and testing approaches — ensuring Challenger's resilience capabilities are robust, practical, and future-ready.

Key responsibilities will include:

Crisis and disaster recovery

• Lead cyber incident response exercises and crisis simulations with senior stakeholders, ensuring Challenger is prepared for high-impact scenarios.

• Provide Line 2 oversight of disaster recovery and cyber resilience controls, including immutable backups and hybrid/cloud recovery testing.

• Ensure disaster recovery scenarios are realistic, effective, and regularly tested.

• Support Challenger's ongoing maturity of CPS230 and alignment with NIST CSF 'respond' and 'recover' domains.

Business resilience

• Provide effective review and challenge of resilience strategies and documentation, ensuring they are credible, continuously improved upon and tested

• Support strategic uplift initiatives to improve engagement, testing, and resilience strategies, in light of Challenger's transformation agenda

• Manage annual testing programs and coordinate tabletop exercises across business units.

Training and education

• Deliver training on crisis management, resilience, and cyber simulations.

• Educate stakeholders on technology risk and resilience best practices.

Compliance and risk

• Drive compliance with CPS230 and CPS234 while aligning Challenger's resilience posture to leading frameworks such as NIST CSF and ISO27001.

• Liaise with internal and external audit teams and support remediation tracking.

• Report exceptions and incidents to ERMC, GRC, and the Board.

What you'll bring

You'll have at least 5 years' experience in cyber incident response, resilience, and crisis management—ideally within financial services. You bring a proactive mindset, strong stakeholder engagement and communication skills, and the ability to drive incident response and resilience uplift programs that enhance Challenger's cyber posture.

You're confident working independently, navigating complex environments, and identifying opportunities to strengthen risk outcomes. Your ability to influence, prioritise, and deliver under pressure will be key to success in this role.

Technical expertise

• Strong understanding of ISO 22301, NIST CSF, ISO 27001, CPS 230, CPS 234, and GS007.

• Experience coordinating crisis simulations and disaster recovery testing.

Leadership and behavioural skills

• Ability to remain calm under pressure, apply sound judgement in high-stakes situations, and approach incidents with a pragmatic mindset.

• A positive, solutions-focused attitude with enthusiasm for working across a broad and varied remit.

• Strong organisational skills and the ability to manage multiple priorities and deadlines in a fast-changing environment.

Preferred qualifications

• ISO 22301 BCP certification

• Further IS certifications (e.g. CISM, CISSP, Forensics)

• Degree in cybersecurity, risk management, or a related field

Why Challenger?

At Challenger, we're small enough to be agile, but big enough to accelerate bold ideas. We support your growth and development, offering flexibility and a culture that values your unique contributions.

• Discretionary bonus scheme

• 18 weeks paid parental leave for all new parents

• Challenger Day – one extra day off every year in recognition of the effort our people make. 

• Additional support leave (fertility, gender affirmation)

• Extra superannuation contributions

• Employee share plan

• Employee Assistance Programme

• Subsidised on-site café and central location near Martin Place Metro

• Access to free onsite yoga, mindfulness and Pilates classes.

• Access to annual free flu shots.

Explore our benefits further:

#LI-KM1

#LI-Challenger

#LI-Hybrid

Challenger's employee value proposition guides how we work: Grow and realise your potential, supporting each other, stronger together and making things happen. Our culture encourages curiosity, considered thinking and meaningful contribution, with opportunities to build a broad and rewarding career.

We are committed to fostering a safe, inclusive and respectful workplace where people of all backgrounds, identities and ways of thinking can thrive, and promoting flexible working to support work-life balance. 

Challenger is proud to be a Workplace Gender Equality Agency (WGEA) Employer of Choice for Gender Equality, a Family Friendly Workplace and recognised as a Bronze Employer in the Australian Workplace Equality Index (AWEI), the national benchmark for LGBTQ+ workplace inclusion.

Job type:

Posting Close Date :