Australian Financial Complaints Authority (AFCA) Logo

Australian Financial Complaints Authority (AFCA)

Technology Governance & Risk Lead

Posted 20 Days Ago
Be an Early Applicant
Hybrid
Sydney, New South Wales, AUS
Senior level
Hybrid
Sydney, New South Wales, AUS
Senior level
Lead and mature technology and cyber risk frameworks for AFCA's digital platforms. Define solution architecture for the Digital Experience Platform, ensure security/privacy/regulatory compliance, advise delivery/product teams, manage architectural risks and technical debt, collaborate with vendors, and evolve enterprise architecture standards and policies.
The summary above was generated by AI
Company Description

Fairness feels good

Make a real impact at AFCA. Where fairness drives every decision. Help us deliver world-class, independent complaints resolution for Australians. As a not-for-profit and progressive financial ombudsman, we’re championing positive change. Achieving our purpose takes progressive thinking, accountability and resilience. At AFCA, our inclusive leadership values every voice. We offer our people flexible work options, thoughtful benefits and opportunities to deepen expertise. Flourish in a diverse, caring culture. Feel the difference of belonging to an organisation intentionally designed to put people first.

Job Description

We’re seeking a Technology Governance & Risk Lead to play a critical leadership role in shaping and maturing AFCA’s technology and cyber risk management frameworks.

Reporting to the Head of Cyber Security & Risk, you’ll act as a trusted advisor across Technology and Enterprise Risk, ensuring our platforms, data and transformation programs operate securely within an evolving regulatory landscape. 

You’ll bridge governance and delivery—embedding risk-aware practices that support both strong compliance and modern engineering velocity.

In this role you will:

  • Define and own the end‑to‑end solution architecture for the Digital Experience Platform, including website, digital applications, integration and supporting services. 
  • Translate customer experience and business requirements into practical, implementable architectures aligned to enterprise standards. 
  • Lead architecture design across digital channels, content management, workflow, integration, data and security layers. 
  • Work closely with Delivery Leads, Product Owners and business stakeholders to ensure architectural decisions support delivery outcomes and customer journeys. 
  • Provide hands‑on architectural guidance to delivery teams, including solution design, patterns, and trade‑off decisions. 
  • Ensure solutions meet security, privacy, risk and regulatory requirements in a financial services or regulated context. 
  • Collaborate with vendors, system integrators and partners to ensure solution designs align to target architecture and agreed standards. 
  • Identify and manage architectural risks, technical debt and dependency impacts across the program. 
  • Contribute to the evolution of enterprise and digital architecture standards, patterns and roadmaps.

Qualifications

You’re a strategic and commercially aware cyber risk professional who can translate complexity into clear, actionable insights.

You’ll bring:

  • Extensive experience directing comprehensive threat evaluations and diagnosing sophisticated cyber security risks within highly regulated financial services or digital platform environments. 
  • Deep operational understanding of sovereign compliance and threat mitigation frameworks, including the ASD Information Security Manual (ISM) and Essential Eight, and relevant ASIC obligations. 
  • Demonstrated capability to evaluate control effectiveness and map technical workflows against tier-one frameworks, specifically ISM/NIST CSF 2.0, ISO/IEC 27001, the Australian Privacy Principles (APPs), and expectations under APRA CPS 230 and CPS 234. 
  • Practical knowledge of identifying structural risks associated with advanced analytics, model integrity, and emerging automated tools, ensuring alignment with sovereign AI safety guidance and data security standards. 
  • Proven track record of architecting, managing, and continuously monitoring dynamic registers dedicated to capturing information security vulnerabilities and complex supply chain risks. 
  • Elite professional writing and presentation skills, with a focus on translating complex technical vulnerabilities into clear, high-level risk reports for senior management, risk committees, and external compliance partners. 
  • Expert ability to draft, modernise, and regularly evaluate enterprise-wide technology guidelines, internal security standards, and governance policies to match changing organisational profiles. 
  • Extensive background acting as a trusted internal advisor to product and infrastructure teams, providing practical mitigation strategies that protect sensitive architectures without halting delivery momentum. 
  • Hands-on experience collaborating across diverse business segments to establish robust data classification, handling protocols, and protective measures for dense repositories of highly sensitive member data and consumer PII. 

Additional Information

  • Silver AWEI Accreditation 2025 – Recognised for LGBTQ+ workplace inclusion.
  • Accredited Family Friendly Workplace – Supporting work-life balance and inclusivity.
  • Hybrid working – Flexible arrangements with two days a week in our modern offices designed for collaboration and wellbeing.
  • Additional and inclusive leave options – Flexible public holidays, gender affirmation leave, women’s health leave, and bonus paid time off over the end of year holiday period.

To apply

If you’re passionate about fairness and believe your skills align with this role, we encourage you to apply even if you don’t meet every single criterion.

We welcome applications from people of all backgrounds, cultures, abilities, sexual orientations, and gender identities. If you require any accessibility support during the recruitment process, please reach out to our team at [email protected].

We believe fairness starts with people. That’s why we don’t use AI or automated tools to screen candidates. As a result, our processes may take a little longer, and we thank you for your patience.

About AFCA

The Australian Financial Complaints Authority (AFCA) was established in 2018 as a private not-for-profit ombudsman service providing free, fair and independent help with financial disputes. The original team has grown to over 1600 dedicated professionals. Since 2018, AFCA has received more than 634,000 complaints, helping to secure $2.1 billion in compensation for consumers. 

AFCA is a 2026 Circle Back Initiative Employer - we are committed to responding to every applicant.

Similar Jobs

An Hour Ago
Hybrid
Sydney, New South Wales, AUS
Entry level
Entry level
eCommerce • Fashion • Retail • Sales • Wearables • Design
Support CRM initiatives across the companys brands by managing customer relationship activities, collaborating with cross-functional teams, and using customer insights to drive engagement and retention. Contribute to campaign execution, data-driven segmentation, and continuous improvement in customer communications.
4 Hours Ago
In-Office or Remote
Sydney, New South Wales, AUS
Senior level
Senior level
Artificial Intelligence • Cloud • Consumer Web • eCommerce • Information Technology • Software
Build and maintain front-end features with React and TypeScript, refactor legacy code, fix issues across the stack, collaborate with PMs and designers, conduct code reviews, mentor peers, improve developer experience, and drive performance, reliability, and security improvements.
Top Skills: ReactTypescript
4 Hours Ago
In-Office
Sydney, New South Wales, AUS
Expert/Leader
Expert/Leader
Cloud • Information Technology • Internet of Things • Machine Learning • Software • Cybersecurity • Infrastructure as a Service (IaaS)
Lead end-to-end delivery of Managed Services for enterprise customers, ensuring SLAs/KPIs, managing incidents/escalations, driving service improvements, managing budgets, and maintaining customer relationships.
Top Skills: IctItilManaged ServicesNetworkingTelecommunications

What you need to know about the Sydney Tech Scene

From opera to comedy shows, the Sydney Opera House hosts more than 1,600 performances a year, yet its entertainment sector isn't the only one taking center stage. The city's tech sector has earned a reputation as one of the fastest-growing in the region. More specifically, its IT sector stands out as the country's third-largest, growing at twice the rate of overall employment in the past decade as businesses continue to digitize their operations to stay competitive.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account