Manager IT Risk and Compliance
Hybrid · Sydney, New South Wales, Australia
Job Summary
Senior Manager IT Risk and Compliance role in CFS, leading risk management across Technology stakeholders. Responsible for assessing and monitoring IT, cyber and data risks, reporting insights in line with the CFS Risk Framework, and ensuring regulatory compliance (e.g., CPS 230, CPS 234, CPG 235). Collaborates with Technology, Cyber Security, Risk, Audit and regulators; maintains risk data in Protecht; supports Risk in Change and third-party risk management; delivers dashboards and executive reporting. Requires certifications or frameworks such as CISA, CRISC, CISSP, ISO 27001, ITIL, COBIT and experience in assurance/audit. Hybrid working model in Sydney, Australia. Based in Gadigal Land (Sydney).
Required Qualifications
- Experience in risk management within financial services, ideally in a regulated environment
- Proficiency with GRC tools (e.g. Protecht) for managing risks, controls, incidents, and reporting
- Strong third-party/supplier risk management experience, including due diligence and ongoing monitoring
- Expertise in risk reporting and insights, including dashboards, KRIs/KCIs, trend understanding, and executive reporting
- Relevant certifications or frameworks (e.g. CISA, CRISC, CISSP, ISO 27001, ITIL, COBIT) and experience in assurance/audit and Technology Risk Assessments (including Risk in Change)
Desired Qualifications
- CISA
- CRISC
- CISSP
- ISO 27001
- ITIL
- COBIT
- GRC tools proficiency
- Protecht experience
- risk management certifications or frameworks
- auditing/assurance experience
- regulatory compliance knowledge (e.g., CPS 230, CPS 234, CPG 235)
Additional Requirements
- Must have full work rights in Australia
- Sydney-based role with hybrid working model
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.