Control Manager Identity for AI
Commonwealth Bank
Control Manager – Identity for AI
- You are a problem solver who thrives in ambiguity and enjoys shaping new capabilities from the ground up.
- We are one of the best and most advanced Cyber Security teams in Australia.
- Together we can help ensure AI is adopted safely, securely and responsibly across the Group.
Your business
The Technology division delivers the Group's information technology and banking operation functions to ensure the highest levels of customer service through world-class process excellence and technology innovation. Cyber Security protects the bank and our customers from theft, loss and risk events through effective and proactive management of cyber security, privacy and operational risk.
We support our people with the flexibility to balance where work is done, with at least half your time each month connecting in the office. We also have many other flexible working options available including changing start and finish times, part-time arrangements and job share to name a few. Talk to us about how these arrangements might work for you.
Your new team
The Cyber Controls Chapter Area plays a crucial function within the Group Security division, responsible for designing and deploying effective cyber control capabilities and driving continuous improvement of the Group's cyber risk profile.
The Identity Lifecycle Management team, part of the Cyber Controls Chapter, manages core cyber security controls across the identity and access landscape. As AI adoption accelerates across the Group, the team is leading the development of a new generation of identity controls to address the unique risks introduced by AI agents, dynamic authorisation and emerging identity architectures.
Your impact and contribution
As Manager – Identity for AI Controls, you'll lead the design and governance of new cyber security controls that manage identity risks associated with AI and Agentic AI across the Group.
This is a unique opportunity to help shape the Group's future AI control environment. You'll lead delivery of a high-profile Risk Management Declaration (RMD) commitment by defining new Identity for AI control requirements, control objectives and control criteria that underpin the Group's approach to secure AI.
Working across Cyber Security, Identity, Enterprise Architecture, Risk and AI engineering teams, you'll translate emerging technologies into practical risk controls, ensuring governance evolves alongside the rapid adoption of AI capabilities.
Your Responsibilities Will Include
- Lead the design and approval of new Identity for AI controls, including defining control purpose, scope, objectives, criteria and supporting governance artefacts.
- Deliver the control and requirements outcomes for a strategic Risk Management Declaration (RMD) commitment, ensuring milestones are achieved through established governance processes.
- Partner with Enterprise Architecture and technology delivery teams to understand emerging AI identity capabilities and ensure control requirements evolve in parallel with solution design.
- Translate complex technical concepts—including AI agent identities, authentication, authorisation, lifecycle management and delegated access—into clear risk statements, standards, guidance and control requirements.
- Navigate complex stakeholder environments to build consensus across Cyber Security, Technology, Risk, Architecture and AI delivery teams.
- Lead the closure of associated RiS issues by coordinating evidence collection, demonstrating control uplift and obtaining endorsement from applicable risk and assurance stakeholders.
- Support the development of Identity for AI standards and guidance to enable consistent implementation across the Group.
- Educate stakeholders on emerging AI identity risks and the importance of a robust control environment.
We are interested in people who
We're looking for someone who enjoys solving new problems where there isn't an established playbook. You'll be comfortable working through ambiguity, influencing diverse stakeholders and translating emerging technology into effective governance and controls.
You'll bring:
- Experience in Cyber Security Controls, Cyber Security Risk, Identity and Access Management, or Technology Risk within a large, complex organisation.
- A foundational understanding of Identity and Access Management concepts, including authentication, authorisation, identity lifecycle management and delegated access.
- A strong risk mindset, with the ability to translate technical concepts into practical control requirements, standards and risk outcomes.
- An interest in AI, Agentic AI and emerging identity-related threats, with a willingness to rapidly build domain expertise.
- Experience designing, assessing or uplifting cyber security controls and working through governance approval processes.
- Excellent stakeholder management and communication skills, with the ability to influence across technology, architecture, engineering and risk functions.
- The ability to work effectively in highly ambiguous environments, bringing structure and clarity to emerging problems while maintaining delivery momentum.
If you're already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you'll need to apply through Sidekick to submit a valid application. We’re keen to support you with the next step in your career.
We're aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696.
Advertising End Date: 16/07/2026