Head of Technology Risk

• Help protect over 5 million Australians, making a real difference in their lives during their most challenging times.
• Work with experienced and skilled colleagues who support and inspire one another to achieve collective success
• Our competitive benefits package includes everything from financial literacy to health and wellness initiatives, designed with your well-being in mind 

Welcome to TAL. As a leading life insurer, we’ve been protecting Australians for over 150 years. Backed by Daiichi Life, we're driven by big ambitions and empower to create better products and services. 

Together with our Partners, we’re helping millions of Australians live a life filled with choices, options, and freedoms. See the direct impact you make delivering support and financial security with care and expertise. Grow beyond expectations with diverse roles, global connections, and exclusive learning opportunities. 

Work with passionate, bright and capable colleagues. Feel inspired by supportive leaders. Collaborate with heart, where flexibility, wellbeing and inclusivity is valued. Together, we're reimagining insurance. 

So, bring a curious mind and an ambition to help us become the progressive, digitally enabled leading insurer. 

The Head of Technology Risk is responsible for establishing and governing TAL’s Technology Risk Management framework, providing independent oversight of the risks arising from the organisation’s technology landscape, digital transformation programs, and data assets. This role ensures that TAL’s technology risk profile is clearly understood, actively managed, and reported within the Board’s approved risk appetite, and that TAL meets its obligations under APRA CPS 230, CPS 234, and CPS 220.

This is a critical first-line-of-defence leadership role within the Technology function, working in close partnership with the CIO, the broader Technology Leadership Team, Enterprise Risk, and the CISO to embed a strong risk management culture across all technology domains. The Head of Technology Risk is accountable for ensuring that technology risk is identified, assessed, and governed with rigour and transparency, and for providing the CIO and Board with the assurance needed to make confident, risk-informed decisions about TAL’s technology investment and operations.

In this role you will:

• Own and continuously enhance TAL’s Technology Risk Management framework, ensuring alignment with Enterprise Risk Management and APRA standards across all risk domains (e.g. cyber, cloud, data, AI, change).
• Lead end-to-end identification, assessment, and monitoring of technology risks, maintaining the Technology Risk Register and escalating material risks to the CIO and relevant committees.
• Provide independent oversight of compliance with key APRA standards (CPS 230, CPS 234, CPS 220), including control effectiveness, remediation tracking, and regulatory engagement support.
• Deliver executive-level technology risk reporting, highlighting risk profile, key trends, control performance, and remediation progress against risk appetite.
• Lead Technology Operational Resilience, including critical operations, tolerance setting, and business continuity/disaster recovery governance and testing.
• Oversee risk assessment for major technology initiatives (e.g. cloud, AI, transformation), ensuring risks are identified early and managed within appetite before execution.
• Drive risk appetite, assurance, and culture across Technology, including KRIs, audit remediation, cross-functional alignment (Risk, Compliance, Legal, CISO), psychosocial risk management, and leadership of the Technology Risk team (including FAR obligations).

• Minimum of 10 years of experience in a combination of technology risk, operational risk, IT audit, or technology governance, with at least three years in a Senior Manager or above role leading technology risk management functions within a highly regulated sector such as financial services, insurance, or banking.
• Deep knowledge and practical experience of APRA prudential standards applicable to technology and operational risk, specifically CPS 230 (Operational Risk Management), CPS 234 (Information Security), and CPS 220 (Risk Management), and their application within a life insurance or financial services context.
• Strong understanding of technology risk domains including infrastructure risk, cloud risk, application risk, data risk, cyber risk, AI risk, and technology change risk — and the ability to assess and govern each within a structured risk management framework.
• Demonstrated experience designing and operating technology risk frameworks, including risk appetite and tolerance frameworks, key risk indicator (KRI) programs, control self-assessment processes, and technology risk registers within a regulated financial services environment.
• Strong knowledge of industry risk frameworks and standards including NIST CSF, ISO 31000, COBIT, and ITIL, with the ability to apply these pragmatically in a technology organisation undergoing digital transformation and cloud adoption.
• Industry-recognised professional certifications such as CRISC, CISM, CGEIT, or CISSP are highly regarded.

TAL is one of Australia’s leading life insurers, committed to inclusion, and supporting the career growth of our diverse workforce. We’re proud to be:  

• An Inclusive Employer – Recognised as Employer of Choice for Gender Equality by the Workplace Gender Equality Agency from 2014 to 2025 and 2023 to 2026 Bronze Tier Status within the Australian Workplace Equality Index  
• Diversity Champions – Member of Diversity Council Australia, Australian Disability Network, Pride in Diversity and Champions of Change  
• Reconciliation Advocates – Read our Innovate Reconciliation Action Plan. 
• We welcome applications from people with diverse experiences, perspectives and backgrounds including Aboriginal and Torres Strait Islander people, caregivers, individuals with disability/ies, people from culturally diverse backgrounds and the LGBTQ+ community.  
• Need adjustments during the recruitment process? Let our team know by getting in touch with us here.—we’re here to support you. 

You’re always accountable for your actions. You never give up. You strive to find the best outcomes for customers and partners. And you value working together to find the best solutions for problems.   

As part of the recruitment process, there are several checks which may be conducted to demonstrate your eligibility for a role at TAL including Criminal History, Bankruptcy, Entitlement to Work, Regulatory and Reference Checks.  

#LI-Hybrid  

Everyone at TAL has a responsibility to do the right thing and is accountable for the way they conduct themselves. Our expectations are that you follow the principles set out in our Code of Conduct when you come to work every day. Risk management is everyone’s responsibility.

If you are already a TAL employee please apply via the SmartRecruiters button in Workday and navigate to the Employee Portal. This is important to ensure that your application is recorded accurately.