Head of Technology Risk

The Head of Technology Risk is responsible for establishing and governing TALs Technology Risk Management framework providing independent oversight of the risks arising from the organisations technology landscape digital transformation programs and data assets. This role ensures that TALs technology risk profile is clearly understood actively managed and reported within the Boards approved risk appetite and that TAL meets its obligations under APRA CPS 230 CPS 234 and CPS 220.

This is a critical first-line-of-defence leadership role within the Technology function working in close partnership with the CIO the broader Technology Leadership Team Enterprise Risk and the CISO to embed a strong risk management culture across all technology domains. The Head of Technology Risk is accountable for ensuring that technology risk is identified assessed and governed with rigour and transparency and for providing the CIO and Board with the assurance needed to make confident risk-informed decisions about TALs technology investment and operations.

In this role you will:

• Own and continuously enhance TALs Technology Risk Management framework ensuring alignment with Enterprise Risk Management and APRA standards across all risk domains (e.g. cyber cloud data AI change).
• Lead end-to-end identification assessment and monitoring of technology risks maintaining the Technology Risk Register and escalating material risks to the CIO and relevant committees.
• Provide independent oversight of compliance with key APRA standards (CPS 230 CPS 234 CPS 220) including control effectiveness remediation tracking and regulatory engagement support.
• Deliver executive-level technology risk reporting highlighting risk profile key trends control performance and remediation progress against risk appetite.
• Lead Technology Operational Resilience including critical operations tolerance setting and business continuity/disaster recovery governance and testing.
• Oversee risk assessment for major technology initiatives (e.g. cloud AI transformation) ensuring risks are identified early and managed within appetite before execution.
• Drive risk appetite assurance and culture across Technology including KRIs audit remediation cross-functional alignment (Risk Compliance Legal CISO) psychosocial risk management and leadership of the Technology Risk team (including FAR obligations).

Qualifications :

• Minimum of 10 years of experience in a combination of technology risk operational risk IT audit or technology governance with at least three years in a Senior Manager or above role leading technology risk management functions within a highly regulated sector such as financial services insurance or banking.
• Deep knowledge and practical experience of APRA prudential standards applicable to technology and operational risk specifically CPS 230 (Operational Risk Management) CPS 234 (Information Security) and CPS 220 (Risk Management) and their application within a life insurance or financial services context.
• Strong understanding of technology risk domains including infrastructure risk cloud risk application risk data risk cyber risk AI risk and technology change risk and the ability to assess and govern each within a structured risk management framework.
• Demonstrated experience designing and operating technology risk frameworks including risk appetite and tolerance frameworks key risk indicator (KRI) programs control self-assessment processes and technology risk registers within a regulated financial services environment.
• Strong knowledge of industry risk frameworks and standards including NIST CSF ISO 31000 COBIT and ITIL with the ability to apply these pragmatically in a technology organisation undergoing digital transformation and cloud adoption.
• Industry-recognised professional certifications such as CRISC CISM CGEIT or CISSP are highly regarded.

Additional Information :

TAL is one of Australias leading life insurers committed to inclusion and supporting the career growth of our diverse workforce. Were proud to be:  

• An Inclusive Employer Recognised as Employer of Choice for Gender Equality by the Workplace Gender Equality Agency from 2014 to 2025 and 2023 to 2026 Bronze Tier Status within the Australian Workplace Equality Index  
• Diversity Champions Member of Diversity Council Australia Australian Disability Network Pride in Diversity and Champions of Change  
• Reconciliation Advocates Read our Innovate Reconciliation Action Plan. 
• We welcome applications from people with diverse experiences perspectives and backgrounds including Aboriginal and Torres Strait Islander people caregivers individuals with disability/ies people from culturally diverse backgrounds and the LGBTQ community.  
• Need adjustments during the recruitment process Let our team know by getting in touch with us  here to support you. 

Yourealwaysaccountable for your actions. You never give up. You strive to find the best outcomes for customers and valueworking together to find the best solutions for problems.  

As part of the recruitment process there are several checks which may be conducted to demonstrate your eligibility for a role at TAL including Criminal History Bankruptcy Entitlement to Work Regulatory and Reference Checks.  

#LI-Hybrid 

Everyone at TAL has a responsibility to do the right thing and is accountable for the way they conduct themselves. Our expectations are that you follow the principles set out in our Code of Conduct when you come to work every day. Risk management is everyones responsibility.

If you are already a TAL employee please apply via the SmartRecruiters button in Workday and navigate to the Employee Portal. This is important to ensure that your application is recorded accurately.

Remote Work :

No

Employment Type :

Full-time