Job Description

Your responsibilities This role is focused on, but not limited to: Execute quarterly automated control assurance testing schedule across Business and Support Units controls. Assure automated controls are fit for purpose and meet control objective in mitigating the relevant risks and obligations. Support, contribute, question and document walk-through\'s held with multiple stakeholders to perform necessary in depth control testing including code/configuration inspection and scenario testing. Draft, execute, document and conclude on automated control design and operational effectiveness testing. Review and challenge Business/Support Units on critical data elements coverage, design and operation of automated/semi-automated controls being tested. Utilise sound SQL and IT assurance expertise to hold technical discussions on the design and code used for data capture, extract, load and transfer as part of data related control assurance. Provide guidance to internal stakeholders on addressing identified control deficiencies. Assist the Executive, Senior Manager and Manager to uplift and roll out the automated control testing and continuous monitoring capability and methodology, including leveraging analytics skill set. Ability to think innovatively and outside of the box when faced with challenges. In this role you will: Provide Business/Support Units with an assurance outcome over the design and operating effectiveness of automated/semi-automated controls. Work closely with the business, Chief Controls Office (CCO)/Line 1 Risk community and technology teams in technical code reviews as part of control design and operational effectiveness testing to ensure the control is both fit for purpose and use. Drive continuous improvement of the Group\'s Control Environment through the provision of insights and reporting to enable the timely and effective remediation of controls Drive continuous improvement of CAP through implementation of continuous control monitoring, automation and control rationalisation. Role-model the Group\'s values and behaviours. Complete all required training and participate in performance review discussions with CBA India and CBA Australia partners Adhere to the Code of Conduct. The Code of Conduct sets the standards of behaviour, actions and decisions we expect from our people. Your skills and experience Bachelor\'s Degree in Information Technology/Systems, Computer Science/ Engineering or equivalent (mandatory) Tested and validated automated controls using SQL expertise (mandatory). Experience in the use of SQL to write queries Postgraduate studies in Risk, Compliance, IT, Systems Auditing, Risk Management (highly regarded). Knowledge of, and 5+ years\' relevant work experience in IT external audit, IT internal audit, IT risk and regulatory management strategies and techniques, (including SoX 404). Experience (5+ years\') in applying relevant technical knowledge in at least the following engagements: internal or operational audits, ISAE 3402, ISAE 3150 or SSAE16 attestation engagements for third parties, technology security and IT control reviews and/or business process reviews. Professional certifications such as CISA, CISM, CISSP, CGEIT, ITIL, ISO2000, ISO27001. Minimum of 5 years of client-facing experience with stakeholder management, preferably in financial services or another highly regulated industry. Knowledge of compliance standards and control assurance frameworks. Technology risk management experience in large, complex and critical technology/system/IT environments. Knowledge of Australian and International regulatory frameworks. Knowledge of technology risk management concepts and processes. High level of communication, influencing and negotiation skills. Professional services skills demonstrated through the analysis, design and review of technology, system, process and control roadmaps. Experienced in testing life cycle (i.e., scope, plan, schedule, evaluate, remediate) to testing team, Business Units, technology and data office teams. Ability to collaborate with geographically distributed teams across multiple technical areas. Excellent data analysis skills and the ability to analyse and report on control assurance activities in risk terms. Risk skills and experience: All CommBank employees are expected to proactively identify and understand, openly discuss and act on current and future risks. As a leader, we would be looking for you to have: Good understanding of the end to end risk management processes, activities and initiatives that support sound risk management in complex environments. The skills to manage risk effectively including authentically communicating the importance of risk in a way that mobilises others to act, making robust decisions, creating an environment where people feel safe to speak up, working collaboratively across the three lines of accountability and delivering sustainable results. If you\'re already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you\'ll need to apply through to submit a valid application. We\'re keen to support you with the next step in your career. We\'re aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696. Advertising End Date: 28/09/2023

foundit