Senior Manager Supplier Risk
At CommBank, we never lose sight of the role we play in other people's financial wellbeing. Our focus is to help people and businesses move forward, to progress. To make the right financial decisions and achieve their dreams, targets and aspirations. Regardless of where you work within our organisation, your initiative, talent, ideas and energy all contribute to the impact that we can make with our work. Together we can achieve great things.
Do work that matters
CommBank is recognised as leading the industry in IT and operations with its world‐class platforms and processes, agile IT infrastructure, and innovation in everything from payments to internet banking and mobile apps.
See yourself in our team
We are seeking a Senior Manager – Supplier Risk & Controls to lead the delivery of high-quality risk outcomes across a portfolio of critical third‐party suppliers.
Role Overview
This role sits within the Supplier Risk & Controls (SR&C) function, a specialist team responsible for ensuring supplier engagements are managed safely, effectively, and in line with regulatory expectations across the full supplier lifecycle. As a portfolio lead, you will combine deep risk expertise, strong stakeholder engagement, and hands‐on execution—owning end‐to‐end supplier risk activity from onboarding through to ongoing assurance and remediation. This is a permanent role based in Sydney with remote working and a flexible workplace.
Responsibilities
In any given week your responsibilities may include:
Portfolio ownership and leadership
* Lead a defined portfolio of suppliers, accountable for the quality and timeliness of all risk activities delivered
* Provide oversight and guidance to case managers delivering supplier risk assessments and control testing
* Manage capacity, prioritisation, and delivery outcomes across your portfolio
Supplier risk assessment and profiling
* Oversee and review Supplier Risk Profiles and Risk Memos to support business decision‐making
* Ensure risks are identified, assessed, and clearly articulated in line with Group frameworks
* Drive consistency and quality in risk documentation and approvals
Control assurance and testing
* Lead oversight of control programmes and supplier control testing activities
* Ensure controls are accurately tested and deficiencies are identified, escalated, and addressed
* Provide insights on systemic control weaknesses and emerging risk themes
Stakeholder engagement and advisory
* Act as a trusted advisor to Business Owners, Risk, Procurement, and senior stakeholders
* Facilitate discussions on supplier risks, control gaps, and remediation strategies
* Lead escalation management for complex or high‐risk supplier issues
Governance and regulatory alignment
* Ensure supplier risk activities align to Group frameworks and regulatory expectations (e.g. supplier lifecycle, operational risk standards)
* Support governance forums and provide clear, actionable risk reporting
* Drive improved risk practices and consistency across the organisation
Continuous improvement and transformation
* Identify opportunities to improve the supplier risk operating model, processes, and tooling
* Support initiatives that reduce duplication, improve efficiency, and uplift capability
* Champion a culture of end‐to‐end ownership and accountability
Qualifications
* Extensive experience in supplier risk, operational risk, or controls assurance
* Strong understanding of third‐party risk frameworks and control environments
* At least 5 years in operational/technology risk within financial services with proven supplier risk experience
* Sound understanding of information security management, privacy legislation, ITIL, IT service continuity, IT disaster recovery, business continuity management, and third‐party control assurance
* Experience leading teams or portfolios delivering risk outcomes at scale
* Experience managing complex stakeholder environments across business and risk functions
* Familiarity with regulatory expectations for outsourcing and third‐party risk (e.g. CPS230)
* Sound understanding in dealing with regulatory and compliance issues within a major financial institution, audit firm or other major company
* Ability to analyse trends, identify critical threats and opportunities, diagnose problems and issues and recommend appropriate actions
* Have a passion for Supplier and technology risk and remain up to date on the latest emerging industry trends and disruptive technologies
* CA or CPA degree or any relevant tertiary qualifications in finance or risk management preferred
#J-18808-Ljbffr