Analyst - Technology and Data Risk
**About Cbus**
Created by workers, for workers, Cbus Super is one of Australia's most successful Superannuation funds. For almost four decades we've proudly represented those who help shape Australia, hard-working individuals who deserve to make the most of their retirement, no matter the industry. As an award-winning fund we've been recognised for the benefits provided to our members and our innovative investment approach. All while staying committed to our member first ethos as a proud Industry Fund.
**About the role**
The Analyst, Technology & Data Risk Analyst (AT&D) position is part of the Operations Division Risk & Compliance team at Cbus, which sets the direction and strategy for the risk management and compliance to ensure that technology and data risks are identified, understood, and managed effectively.
This role will be a part of the Technology & Data Risk Management team to drive an optimised and sustainable balance between risk, reward, and support of Operations in a way that ensures integrity, confidentiality and availability and performance of technology assets across Cbus.
A strong background in technology risk and data risk management in financial services (superannuation & investment management) with the capability and experience to develop resources to focus and achieve outcomes to deadlines and quality to manage competing stakeholder priorities.
**Key Accountabilities** Risk Governance and Strategy
- Support implementation of a robust Line 1 technology risk governance framework, aligned with enterprise standards.
- Assist in developing technology risk management strategies and policies for Line 1 operations.
Risk Assessment and Mitigation
- Conduct risk assessments to identify, analyze, and manage technology and data risks.
- Maintain a comprehensive risk register and develop remediation plans to manage risks within Board-approved tolerances.
- Evaluate and improve critical technology controls, ensuring business continuity and disaster recovery preparedness.
Compliance and Controls Oversight
- Ensure ongoing compliance with regulatory, legislative, and policy requirements in coordination with risk management and compliance teams.
- Respond to regulatory reviews and track action plans through completion.
Controls Monitoring and Assurance
- Conduct workshops and testing to validate the design and operational effectiveness of controls.
- Identify and track control gaps, recommend improvements, and manage the remediation process.
- Assess model risk controls to ensure compliance with model governance policies.
Risk Reporting
- Develop risk dashboards and reporting mechanisms to communicate risk profiles to stakeholders.
- Provide regular updates to senior management on risk functions and plans.
Resource Planning
- Assess resource capacity needs and collaborate with teams to allocate resources effectively.
Training and Awareness
- Assist in the development of training programs to ensure policy awareness among staff.
Stakeholder Engagement
- Build strong relationships across the business to align risk management objectives with operational goals.
**Key Selection Criteria**
- Bachelor's degree in IT, information security, or a related field (preferred).
- Knowledge of risk strategies/frameworks in the Australian financial services sector, including APRA CPS 234, CPS 230, ISO 27001, NIST CSF, and ISO 31000.
- 5+ years of experience in IT audit, technology risk, GRC, or related fields.
- Strong verbal and written communication skills with the ability to work independently.
- Certifications such as CRISC, CDPSE, or CISA (or pursuing) are highly desirable.
- Excellent judgment and a track record. of delivering results in high-pressure environments.
**Key Competencies**
- Strong understanding of technology and data risk concepts, compliance standards, and regulatory frameworks.
- Proven ability to assess and improve controls, manage risk mitigation, and ensure regulatory compliance.
- Effective collaboration and stakeholder engagement skills, fostering a culture of risk awareness.
This role plays a critical part in aligning technology and data risk practices with enterprise goals while safeguarding regulatory compliance and operational integrity.
**Belong at Cbus**
We value difference, and embrace people with diverse backgrounds, experiences, gender identities, abilities and thinking styles. We believe that, with diversity of perspectives and experiences, you get better teams and outcomes. We're looking for people of all genders, races, nationalities, orientations and of all abilities to join us.
**We're keen to hear from you**
Applications Close: 12th Feb 2025
This is a full-time position based in Melbourne
Agencies, please note: All Cbus vacancies are managed by our internal Talent Acquisition Team. Should external assistance be required we will reach out to our preferred agency partners, Thank you.
Job ID 4313392