Analyst – Cyber Risk Quantification
Overview
Support the development, formalisation, and ongoing maintenance of a robust cyber risk quantification framework, governance, and reporting. This role applies quantitative models and tools to assess the financial and operational impact of cyber risk scenarios, ensuring effective integration with broader risk management.
Key Responsibilities
Contribute to the design, implementation, and continuous improvement of the cyber risk quantification framework to ensure relevance and effectiveness.
Assist in formalising governance structures and processes, clarifying roles, responsibilities, and escalation paths.
Support the establishment and maintenance of governance mechanisms overseeing framework application.
Ensure risk quantification activities comply with internal policies, regulatory requirements, and best practices.
Participate in periodic reviews and audits to maintain effectiveness and compliance.
Apply quantitative models to assess financial and operational impacts of cyber risk scenarios, producing actionable outputs.
Map key assets and data sources to inform analysis.
Prepare clear, high-quality reports that communicate risk in financial and operational terms, supporting enterprise risk reporting and decision-making.
Track and report key metrics, scenario outcomes, and control effectiveness, ensuring integration with enterprise risk reporting.
Collaborate with the Senior Manager, Cyber Risk Quantification, and stakeholders to enhance framework, governance, and reporting processes.
Promote knowledge sharing and best practice development within the cyber risk quantification domain.
Skills & Experience
Strong analytical and problem-solving skills, with a focus on quantitative analysis.
Understanding cyber risk management, information security, and enterprise risk governance.
Experience in data analysis, risk modelling, or reporting within risk, security, or compliance contexts.
Familiarity with quantitative risk assessment tools and methodologies (desirable).
Excellent written and verbal communication skills, able to present complex information clearly.
Collaborative approach and commitment to continuous improvement.
Preferred Background
Experience supporting the development or maintenance of risk frameworks, governance processes, or risk reporting (advantageous).
Exposure to cyber risk quantification, scenario analysis, or financial impact assessment (preferred).
Understanding of regulatory and board requirements for cyber risk reporting (desirable).
CBA Mindsets & Behaviors
Role model CBA’s Leadership Principles: obsess over customers, create exceptional teams, lead as an owner, be curious and humble.
Advocate for continuous improvement, agile maturity, and customer focus within the squad and broader Cyber Generalist community.
Ensure all activities align with CBA’s purpose, values, and Code of Conduct.
If you're already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you'll need to apply through Sidekick to submit a valid application. We’re keen to support you with the next step in your career.
We're aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696.
