Jobs
>
Sydney

    Manager - Third Party Tech & Cyber Risk - Sydney, Australia - Tal

    Tal
    Tal Sydney, Australia

    Found in: Jobs Search AU C2 - 1 week ago

    Default job background
    Full time
    Description
    TAL We offer flexibility by letting you tailor your cover to suit your individual needs.
    Quick and easy to apply.
    Get An Online Quote.

    View company page From the millions of Australians we protect, to those that make it happen every day at TAL, people really are what we're all about.

    We want to grow with you.
    Achieve with you.
    And support you to do your best work.
    That's why we're focused on developing leadership, promoting diversity, rewarding excellence and retaining great talent.
    We're always looking for people who want to go further with us.
    People who do what's right, aim high, and work smart.

    Why not see where we can go?Job Description The Manager of Third-Party Tech & Cyber Risk will be part of the Technology & Cyber Risk function within the Technology Business Unit and will lead the strategy and execution of our third-party technology risk management, third party cyber security management, relevant technology and cyber clauses within the contractual management process and overall governance of technology third parties.

    This role is responsible for developing and improving relevant frameworks, policies, practices and controls to maintain the risk posture within the appetite.


    Key Accountabilities:

    Strengthen the Third-Party Technology & Cyber Risk Management Framework and lead the delivery of associated strategy, target state roadmap, and supporting processes and procedures.

    Conduct in-depth risk assessments and due diligence on potential and existing third-parties to identify risks and compliance gaps.
    Engage third-parties based on the non-compliance and potential cyber security issues identified via continuous passive security posture management technologies.
    Conduct risk assessments and develop a plan with the third-parties to remediate non-compliance and/or potential security issues.
    Establish and maintain the governance structure for ongoing management of third-party relationships, including regular performance and compliance reviews.

    Collaborate with all technology teams to embed effective vendor management practices aligned to the TAL Procurement Procedure and Vendor Management Model.

    Instituting change in potential areas for improvement for vendor governance, enhancement and upgrade by maintaining a good working knowledge of all services provided to TAL business units.

    Collaborate with the Cyber Threat Management function and engage material and high risk third-parties to determine their exposure to critical and actively exploited external-facing vulnerabilities, as well as their security posture against emerging attacker tactics and techniques.

    Assist with the assurance and compliance activities to demonstrate the effectiveness of Third-Party Technology & Cyber Risk Management function.
    Lead the corrective actions and resolve gaps identified during the assurance and compliance activities.

    Support and assist with the negotiation, implementation, and management of technology and cyber clauses in the third-party contracts with the Legal.

    Uplift those technology and cyber clauses in the contractual terms in line with regulatory and threat environment changes, as needed.

    Monitor and report on third-party compliance with technology and security requirements as well as their performance against contracts, and coordinate the corrective action, as needed.

    Stay abreast of regulatory changes and industry best practices related to Third-Party Technology and Cyber Risk management to ensure the policies and procedures are up-to-date.

    Develop and deliver training to internal stakeholders on Third-Party Technology & Cyber Risk Management practices.

    Collaborate with cross-functional teams, including Technology, Risk (Line 2), Audit, Legal, Compliance, and Procurement, to ensure a cohesive and integrated approach to Third-Party Technology & Cyber Risk Management.

    Lead, mentor, and develop a team dedicated to Third-Party Technology & Cyber Risk Management function.
    Deliver the TAL Cyber Security Report to Group Partners to demonstrate TAL's security posture on an annual basis.

    Lead the activities required to complete the Report, including but not limited to engaging various parts of Technology and the wider Business Units, collecting supporting evidence, leading interviews/workshops with the independent assessor.

    Respond to technology risk and cyber security related questions raised by Group Partners through the Business Units on an ongoing basis, and attend periodic governance meetings with the Group Partners as a representative of Technology & Cyber Risk function.

    Support the RFI/RFP activities led by the Business Units on behalf of Technology & Cyber Risk function.
    Qualifications Bachelor's degree in Business, Finance, Information Technology, or a related field.
    Relevant professional certifications (e.g., CISM, CRISC, CISSP) is a plus.

    Minimum of 5 years of experience in Third-Party Risk Management, Technology Risk, Cyber Security, or a related field with proven experience of supporting, implementing and managing third party risk management programs.

    Strong understanding of regulatory compliance standards relevant to third-party risk and security (e.g., APRA CPS234 / CPS230, SOX, ISO 27001, NIST CSF, Privacy Act, SOCI, etc.).

    Strong communication skills with the ability to translate risk into business impact.
    Self-starter with strong organisational skills in a highly-adaptive and a fast-paced environment.
    Customer-oriented mindset and ability to apply collaborative approach to achieving business outcomes.
    Thinker and doer with a pragmatic approach to make decisions and at the same time focused on outcomes.
    Ability to lead and motivate both direct and indirect team members, and manage a developing team.

    Additional Information At TAL we value diversity in all its forms and are committed to fostering an inclusive and equitable culture for all our people.

    We encourage Aboriginal and Torres Strait Islander people, individuals from all backgrounds, including those with caring responsibilities, people living with disability, and individuals from the CALD and LGBTQI+ communities to apply.

    Even if you don't check every box in the criteria above, we encourage you to apply today or get in touch with ushere.

    To provide you with the best experience, we can accommodate you at any stage of the recruitment process.
    Simply inform our Recruitment team at any time.
    TAL is recognised by the Workplace Gender Equality Agency as an Employer of Choice.
    We are proud to be a member of Diversity Council Australia and the Australian Network on Disability.
    For information on our reconciliation journey, take a look at our Innovate Reconciliation Action Plan.

    We acknowledge the Traditional Custodians of the Land in which our Head Office is based, the land of the Gadigal people of the Eora Nation, and recognise their deep connections to the land, sea, and culture.

    We extend this acknowledgment to the many Traditional Lands that we operate across and pay our respects to Elders past, present, and emerging.

    Everyone at TAL has a responsibility to do the right thing and is accountable for the way they conduct themselves.

    Our expectations are that you follow the principles set out in our Code of Conduct when you come to work every day.

    Risk management is everyone's responsibility.

    If you are already a TAL employee please apply via the Smart Recruiters button in Workday and navigate to the Employee Portal.

    This is important to ensure that your application is recorded accurately.

    Explore more Info Sec / Cybersecurity career opportunities Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

    #J-18808-Ljbffr
  • LGT Crestone

    Head of Cyber Security and IT Risk

    Found in: Talent AU C2 - 4 hours ago

    LGT Crestone Sydney, Australia Full time

    Your team · Working as a part of the Risk, Legal & Compliance team with overall responsibility to drive all strategic and operational cyber security and IT risk functions. · Working alongside the Head of Technology, senior business and risk executives and project management team ...

  • Jules Remay Consulting

    Cyber Security Consultant

    Found in: JobGet AU C2 - 1 day ago

    Jules Remay Consulting Sydney, Australia Full time

    Currently searching for a Cyber Security Consultant with expertise in the following Cyber security Governance, Threat Analysis and risk Management Co-design of secure architectures. · Interaction with business oriented architects, bringing security to them. · Liaisons with risks ...

  • Pyramid Global Technologies

    Cyber security specialist

    Found in: Talent AU C2 - 4 hours ago

    Pyramid Global Technologies New South Wales, Australia Full time

    About the job Cyber security specialist · Job Description for Cyber Security Specialist in Melbourne/Sydney · A minimum of 10 years of experience in cyber security roles within major organizations, focusing on management of governance, risk, and compliance. · Relevant industry ce ...

  • CommBank

    Senior Manager Risk and Controls

    Found in: Talent AU C2 - 3 days ago

    CommBank Sydney, Australia Full time

    Senior Manager Risk and Control Enablement (Cyber Security) · See yourself in our team: · Technology CCO is responsible for the world leading application of technology and operations across every aspect of CommBank, from innovative product platforms for our customers to essential ...

  • Abbtechnologies

    Cyber Security Architect – Permanent

    Found in: JobGet AU C2 - 1 day ago

    Abbtechnologies Sydney, Australia

    Reporting to the Chief Architect of IT Strategy, the Cyber Security Architect is required to provide subject matter expertise to protect ***** cyber assets, data, intellectual property and its operations. · Your role will involve activities ranging from development and enhancemen ...

  • Pyramid Global Technologies

    Cyber Security Specialist

    Found in: Talent AU C2 - 4 hours ago

    Pyramid Global Technologies New South Wales, Australia Full time

    About the job Cyber Security Specialist · Job Description: · A minimum of 10 years of experience in cyber security roles within major organisations, focusing on management of governance, risk, and compliance. · Relevant industry certification(s) such as CISSP, CISM, CRISC, CISA, ...

  • WTW

    Senior Consultant

    Found in: Talent AU C2 - 2 days ago

    WTW Sydney, Australia Full time

    The WTW Cyber and Technology Risk Team is unlike anything you have seen before. We are risk and strategy-driven and deliver broad services to help our clients assess and respond to cyber security, incident response, claims, insurance, technology law and governance. · Our team is ...

  • Tal Services Limited

    Senior Cyber Analyst

    Found in: Talent AU C2 - 4 hours ago

    Tal Services Limited Sydney, Australia Full time

    Company Description · Welcome to This Australian Life. · From the millions of Australians we protect, to those that make it happen every day at TAL, people really are what we're all about. We want to grow with you. Achieve with you. And support you to do your best work. That's w ...

  • Willis Towers Watson

    Security -

    Found in: Talent AU C2 - 2 days ago

    Willis Towers Watson Sydney, Australia Full time

    The WTW Cyber and Technology Risk Team is unlike anything you have seen before. We are risk and strategy-driven and deliver broad services to help our clients assess and respond to cyber security, incident response, claims, insurance, technology law and governance. · Our team is ...

  • News Corporation

    Newsroom Security – Associate Digital Intelligence Analyst

    Found in: JobGet AU C2 - 1 day ago

    News Corporation Sydney, Australia

    Newsroom Security - Associate Digital Intelligence Analyst - News Corp · About News Corp: · News Corp is a global, diversified media and information services company focused · on creating and distributing authoritative and engaging content and other products · and services. The c ...

  • Macquarie Group

    Governance Risk and Compliance

    Found in: Talent AU C2 - 1 day ago

    Macquarie Group Sydney, Australia Permanent - Full time

    Our diverse and global team are responsible for the Cyber Threat and Incident Response Program's cyber regulatory engagement and response, cyber risk assessment and obligation management, and organizational risk compliance and reporting. You'll help security leadership develop an ...

  • Challenger Limited

    Manager, Cyber Security Response and Business Resilience

    Found in: Talent AU C2 - 4 hours ago

    Challenger Limited Sydney, Australia Full time

    Key responsibilities: · Business Resilience framework · work with all areas of Challenger to ensure quality Cyber, business resilience plans are in place, fit for purpose and periodically tested and refreshed. · Continue to enhance Cyber playbooks, Impact Assessments and DR proce ...

  • Pyramid Global Technologies

    Regional Head

    Found in: Talent AU C2 - 4 hours ago

    Pyramid Global Technologies New South Wales, Australia Full time

    About the job Regional Head - Cyber Security Delivery ·  This role is responsible for all design and delivery aspects of technology risk and cyber security, including successful coordination and outcomes of security control delivery, management of technology and cyber risks, and ...

  • Helia Group

    Risk & Compliance Analyst

    Found in: JobGet AU C2 - 2 days ago

    Helia Group Sydney, Australia

    Risk & Compliance Analyst page is loaded · Risk & Compliance Analyst · Apply locations Sydney, NSW time type Full time posted on Posted 2 Days Ago job requisition id JR Helia, as Australia's first Lenders Mortgage Insurance (LMI) provider, with over 50 years expertise in the Au ...

  • eFinancialCareers Ltd.

    Prudential Risk Manager

    Found in: JobGet AU C2 - 4 days ago

    eFinancialCareers Ltd. Sydney, Australia

    Prudential Risk Manager | Operational Resilience and Technology Risk · Prudential Risk Manager | Operational Resilience and Technology Risk · Macquarie Group Limited Sydney, Australia Posted 4 days ago Permanent Competitive · Prudential Risk Manager | Operational Resilience and ...

  • eFinancialCareers Ltd.

    Analyst | Prudential Risk

    Found in: JobGet AU C2 - 4 days ago

    eFinancialCareers Ltd. Sydney, Australia

    Analyst | Prudential Risk · Macquarie Group Limited Sydney, Australia Posted 4 days ago Permanent Competitive · Analyst | Prudential Risk · Analyst | Prudential Risk · Sydney · Our Prudential Risk team work with a wide range of stakeholders across Macquarie's senior management ...

  • University of New South Wales

    Cyber Security Architect

    Found in: Talent AU C2 - 3 days ago

    University of New South Wales Sydney, Australia Full time

    Employment: Full time (35 hours per week) · Duration: Continuing · Remuneration: Excellent salary package including leave loading and generous superannuation · Location: Based in Kensington, Sydney (hybrid working available) · About UNSW Sydney: · UNSW isn't like other places you ...

  • University of New South Wales

    Snr Cyber Security Architect

    Found in: Talent AU C2 - 2 days ago

    University of New South Wales Sydney, Australia Full time

    Employment Type: continuing full time role · Excellent salary package available · Location: UNSW Kensington Campus (Hybrid Working Opportunities) · About UNSW: · UNSW isn't like other places you've worked. Yes, we're a large organisation with a diverse and talented community, a c ...

  • Marsh McLennan Companies

    Senior Cyber Incident Management Consultant

    Found in: Talent AU C2 - 4 days ago

    Marsh McLennan Companies Barangaroo, Australia Full time

    Description: · Marsh is seeking candidates for the following position, based in the Sydney office: · Senior Cyber Incident Management Consultant · What can you expect? · An exciting opportunity has become available for a Senior Cyber Incident Management (CIM) Specialist to joi ...

  • People's Choice

    Cyber Incident Response Specialist

    Found in: Talent AU C2 - 4 hours ago

    People's Choice South Australia Full time

    About the role · In this critical role, you will provide rapid response and containment capability to address critical cyber incidents so that the interests of People First Bank and its members are protected from compromised data or services. You will play a distinct cybersecurit ...