Head of Cyber Risk

Head of Cyber Risk

- Permanent
- Sydney
- Role sits in Risk Division / 2nd Line of Defence Function

How will I help?

As the Head of Cyber Risk, reporting to the Chief Risk Officer for Technology, you will join the Risk Division in a 2nd Line of Defence function and set, own, advise and report on the Group-wide approach to managing Cyber Risk. You will have responsibility for leading and supporting the delivery of an effective and efficient Cyber Risk Class Owner function providing independent specialist 2nd line cyber risk leadership, insight and oversight across the Group to promote a standard approach to effectively managing cyber risk. Leading a high performance team you will ensure consistency with the Risk division strategy, Group strategy,





Group Policies and frameworks, relevant delegations, the Group Risk Appetite statement and applicable laws and regulations.

Your key accountabilities will include:

- Understand the cyber risk management landscape (including regulators) and define the strategic direction for managing cyber risk.
- Utilise global trends, economic cycles and regulatory changes to identify and develop early warnings for emerging cyber risks.
- Provide support and expertise in the definition of cyber risk in the Group's Risk Library and in the development of cyber risk elements in the Group and Divisional RAS, and Key Indicator Library.
- Responsible for the development, implementation plan and monitoring of the Cyber Risk Management Framework.
- Develop and maintain the Cyber Risk Management Roadmap.
- Develop guidance and training to build cyber risk expertise in 2LOD and 1LOD (where relevant).






- Support Divisional CRO teams in ensuring that the impacts of Cyber-based risks are well understood and appropriately managed in other divisions.
- Provide independent insight on cyber risk and controls management.
- Provide 2nd line independent advice and oversight over the design and implementation of strategic cybersecurity projects.
- Provide oversight to the quality of data used in cyber risk decision-making.

What do I need?

You will be an experienced Cyber Risk Leader, with 10+ years of banking/financial services industry experience including 2nd or 3rd line of defence risk experience. You will demonstrate experience in designing and implementing operational risk management practices. With an ability to think and operate at both strategic and operational levels,





you will demonstrate a track record of partnering with senior stakeholders to influence and drive operational change. Expert knowledge of international security and risk-related regulations, legislations, standards of frameworks, including NIST, CPS 234, ISO-27000 series, ISO 31000, SOCI required. Experience leading, attracting and retaining talent for high performance teams is favourable.

How do I apply?

Start here. Just click on the APPLY or APPLY NOW button.

At Westpac, we’re all about creating a supportive culture and ensuring our workplaces, branches, products, and services are accessible and inclusive for everyone—our customers, employees, and the wider community. If you’re interested in discussing workplace flexibility, please feel free to mention it in your application.

#J-18808-Ljbffr

▶️ Head of Cyber Risk
🖊️ Westpac
📍 Haymarket