Senior Audit Manager, Tech & Cyber Audit Perth, AU
Commonwealth Bank
At CommBank we are proud to support flexibility, let's discuss what this means for you.
The Commonwealth Bank of Australia (Bank) is Australia's leading provider of integrated financial services. They are committed to continuously improving governance practices and ensuring that they are aligned with business, stakeholders and customers' needs.
Group Audit and Assurance (GA&A) are the internal audit function for the Group. Their primary purpose is to provide independent and objective assurance of the effectiveness of the Group's risk management, controls and governance processes.
As digital technology disrupts and transforms entire industries and ways of working, GA&A is committed to keeping pace and continually reimagining themselves with the latest global best technology and innovation.
With global-best digital tools that harness the power of data, analytics and AI, GA&A are delivering smarter, faster and safer outcomes to address current and emerging risks and provide better assurance outcomes for our customers and community.
See yourself in our team
The Technology and Cybersecurity audit team within the GA&A department provides coverage over the technology portfolio as well as critical projects and IT suppliers across the Bank.
Your contribution will add value by:
Cultivating a dynamic environment to enable focus on key issues and the details that come with it. Contributing to high quality audit reports focused on the Group's technology and cybersecurity controls. Aiding our stakeholders to make a difference to their business and that protects the Group and our customer. Your responsibilities
Demonstrate a general understanding of diverse IT systems and technology concepts and manage and lead the delivery of IT audits within agreed timeframes and in line with the GA&A Audit Methodology. Interview customers and conduct process walkthroughs to understand the risk and control environment as well as test key controls by gathering relevant audit evidence and interpreting data and document test plans, results and conclusions clearly and concisely. Effectively manage stakeholders, timelines and communication. Integrate knowledge and assurance provided by other Line 1-2 risk functions and the External Auditors when undertaking audit fieldwork. Foster a culture of continuous improvement by sharing knowledge and best practices. Effectively support, supervise, and deliver assigned scope areas of the audit from Planning, Fieldwork, Reporting, and through to audit closure. Draft issues and agree the factual accuracy and ratings with stakeholders, as well support the Executive Manager in preparing simple, pragmatic, and easy to read audit reports and issue logs. Create and develop independent and objective relationships within GA&A, the Bank and externally to enable effective knowledge sharing and collaboration. Extensive understanding and experience in cloud and engineering practices, including secure code management, build, test, and deployment practices in cloud environments. Strong knowledge of IT areas such as containers, network security, CI / CD, engineering, AWS IAM, and Kubernetes. Experience in auditing cloud-based environments is highly desirable. Experience with AI is also highly desirable. Excellent leadership and interpersonal skills, with the ability to collaborate and influence work cross-functionally. Strong communication (written and verbal) and senior stakeholder engagement. Tertiary qualification in Computer Science, Information Technology product related fields. Typically requires 7+ years auditing or relevant experience. Professional certifications such as AWS Certified Solutions Architect, Azure Solutions Architect, or Google Cloud Certified Professional preferred. Extensive experience in auditing IT controls with a strong knowledge of areas such as IT security, Software development, Application controls, Identity and access management and Systems resilience. Familiarity with audit methodologies, risk management frameworks, and regulatory requirements (e.g., GDPR, PCI DSS, SOC 2) - Desirable. Strong analytical skills, attention to detail, and problem-solving abilities. If you live the values and demonstrate the people capabilities, we can offer great opportunities. Whether you want to move across the organisation or up into a leadership role, the way you live the values and demonstrate the people capabilities are key.
#J-18808-Ljbffr