Posted 09 June, 2026

Manager IT Risk and Compliance

Colonial First State
Sydney, NSW, AU, 2000 (Full Time)
Reference: 218_594300_4052

Are you ready to be part of an organisation that values expertise, passion and diversity? At CFS we know that the foundation of our success lies in our exceptional people. We believe in celebrating individuality, have a passion for high performance, and create an environment where you can unleash your full potential. Our people enable us to make a difference and deliver exceptional experiences to help our customers achieve financial freedom.

Your Team

The Technology Line 1 Risk & Compliance team sits within CFS's Transformation, Technology and Operations, supporting the delivery of key strategic priorities across customer growth, partnerships, and technology transformation. The team plays a critical role in managing IT risk and enabling secure, compliant innovation across the organisation. Reporting to the Senior Manager, the role collaborates closely with Technology, Cyber Security, Risk, Audit and external regulators. The team is also focused on leveraging AI to drive efficiency, improve outcomes, and support CFS's future-ready capabilities.

Your Responsibilities

  • Promote a strong risk-aware culture and provide expert guidance on risk management practices across Technology stakeholders

  • Assess and monitor Technology, Cyber, and Data risks and controls, reporting key insights in line with the CFS Risk Framework

  • Consider risk data (KRIs, incidents, PIRs) to identify trends, and support the remediation of audit findings and issues with stakeholders

  • Review and validate control effectiveness and compliance with regulatory requirements (e.g. CPS 230, CPS 234, CPG 235)

  • Maintain accurate risk data in Protecht, and deliver clear reporting and insights to support informed alignment across forums

  • Support Risk in Change activities and provide proactive risk advice, including identifying emerging risks and impacts from change initiatives

Your Capability and Experience

  • Experience in risk management within financial services, ideally in a regulated environment

  • Proficiency with GRC tools (e.g. Protecht) for managing risks, controls, incidents, and reporting

  • Strong third-party/supplier risk management experience, including due diligence and ongoing monitoring

  • Expertise in risk reporting and insights, including dashboards, KRIs/KCIs, trend understanding, and executive reporting

  • Relevant certifications or frameworks (e.g. CISA, CRISC, CISSP, ISO 27001, ITIL, COBIT) and experience in assurance/audit and Technology Risk Assessments (including Risk in Change)

What to Expect

At CFS, you'll be working among the very best in the wealth management industry. It's an inspiring environment that encourages development and celebrates success. Other things to look forward to:

  • Additional day for your birthday
  • Hybrid working model
  • Access to CFS Employer Super
  • Life Leave - 3 days per annum
  • Access to Sonder, which provides human-powered medical, mental health and safety support through one easy-to-use app, enabling you to get support whenever and wherever you need it
  • Access to Corporate rates with BUPA Health Insurance
  • Trusted coaching and counselling services supporting life, mind, body, relationships, work and family to assist you in taking charge of your own health and wellbeing

CFS Culture

At CFS we are committed to creating a thriving environment where individuals can flourish. We believe that success is built upon strong teams, and we are dedicated to celebrating uniqueness, championing individuality and supporting a diverse and inclusive workforce. We believe that when you can truly be yourself, you can unlock your full potential.

Apply today and join us in helping Australians to achieve their financial freedom.

Please note, CFS requires all candidates to have full work rights in Australia.

Where we have preferred candidates, background checks (including Police, Employment, Bankruptcy checks, ASIC banned and disqualified persons) will be completed prior to the final preferred candidate's employment being confirmed. The outcomes of the background checks do not preclude the preferred candidate; however, they will be assessed against the inherent requirements of the role.

This role is based on Gadigal Land (Sydney).
