- Adhere to the Third-Party Technology & Cyber Risk Management Framework and support the delivery of associated strategy, target state roadmap, and supporting processes and procedures.
- Conduct in-depth risk assessments and due diligence on potential and existing third-parties to identify risks and compliance gaps.
- Engage third-parties based on the non-compliance and potential cyber security issues identified via continuous passive security posture management technologies. Conduct risk assessments and develop a plan with the third-parties to remediate non-compliance and/or potential security issues.
- Establish and maintain the governance structure for ongoing management of third-party relationships, including regular performance and compliance reviews.
- Collaborate with all technology teams to embed effective vendor management practices aligned to the TAL Procurement Procedure and Vendor Management Model.
- Identifying potential areas for improvement for vendor governance, enhancement and upgrade by maintaining a good working knowledge of all services provided to TAL business units.
- Collaborate with the Cyber Threat Management function and engage material and high risk third-parties to determine their exposure to critical and actively exploited external-facing vulnerabilities, as well as their security posture against emerging attacker tactics and techniques.
- Assist with the assurance and compliance activities to demonstrate the effectiveness of Third-Party Technology & Cyber Risk Management function. Address the corrective actions and resolve gaps identified during the assurance and compliance activities.
- Support and assist with the negotiation, implementation, and management of technology and cyber clauses in the third-party contracts with the Legal. Uplift those technology and cyber clauses in the contractual terms in line with regulatory and threat environment changes, as needed.
- Monitor and report on third-party compliance with technology and security requirements as well as their performance against contracts, and coordinate the corrective action, as needed.
- Stay abreast of regulatory changes and industry best practices related to Third-Party Technology and Cyber Risk management to ensure the policies and procedures are up-to-date.
- Develop and deliver training to internal stakeholders on Third-Party Technology & Cyber Risk Management practices.
- Collaborate with cross-functional teams, including Technology, Risk (Line 2), Audit, Legal, Compliance, and Procurement, to ensure a cohesive and integrated approach to Third-Party Technology & Cyber Risk Management.
- Support the TAL Cyber Security Report to Group Partners to demonstrate TAL's security posture on an annual basis. Lead the activities required to complete the Report, including but not limited to engaging various parts of Technology and the wider Business Units, collecting supporting evidence, leading interviews/workshops with the independent assessor.
- Respond to technology risk and cyber security related questions raised by Group Partners through the Business Units on an ongoing basis, and attend periodic governance meetings with the Group Partners as a representative of Technology & Cyber Risk function.
- Bachelor's degree in Business, Finance, Information Technology, or a related field. Relevant professional certifications (e.g., CISM, CRISC, CISSP) is a plus.
- Minimum of 2 years of experience in Third-Party Risk Management, Technology Risk, Cyber Security, or a related field with proven experience of supporting, implementing and managing third party risk management programs.
- Strong understanding of regulatory compliance standards relevant to third-party risk and security (e.g., APRA CPS234 / CPS230, SOX, ISO 27001, NIST CSF, Privacy Act, SOCI, etc.).
- Strong communication skills with the ability to translate risk into business impact.
- Self-starter with strong organisational skills in a highly-adaptive and a fast-paced environment.
- Customer-oriented mindset and ability to apply collaborative approach to achieving business outcomes.
- Thinker and doer with a pragmatic approach to make decisions and at the same time focused on outcomes.
-
Cyber Security Analyst
1 day ago
Salt Recruitment Sydney, Australia**CYBER SECURITY ANALYST** · - Permanent opportunity · - Attractive remuneration · - Location: Sydney/Melbourne · The Security Analyst will perform information security and process review to identify and develop business security and functional requirement specification. Reports ...
-
Cyber Governance Analyst
3 days ago
Talent International Sydney, Australia**Job Details**: · **Location** · Sydney · **Salary** · AU$ AU$ per annum + plus bonus · **Job Type** · Full Time · **Ref** · BBBH97822_ · **Contact** · Elliott Howard · **Posted** · about 1 hour ago · **A leading Financial Services provider is seeking a Cyber Governance Analyst ...
-
Cyber Security Analyst
3 days ago
Kaizen Global Technologies Pty Ltd Pyrmont, AustraliaWe are looking for a Senior Cyber Security Analyst for our client. · As a Cyber Security Analyst, you will be a part of our Cybersecurity and Tech Risk Management team. Protecting the business, staff and community from threats. You will be developing and maintaining information s ...
-
Cyber Security Analyst
3 days ago
NSW Government -NSW Education Standards Authority Sydney, Australia**Join us to make a difference for all students in NSW** · **Position details** · - Clerk Grade 7/8 · - Ongoing, Full Time · - Close to transport & hybrid work arrangements available · **About the role** · We are looking for a Cyber Security Analyst to perform a wide range of sec ...
-
Cyber Intelligence Analyst
1 day ago
Commonwealth Bank Sydney, Australia**You are **a forward thinking Cyber Security specialist with a key focus on building a future career in threat intelligence. · - **We're supportive **in development and growth providing security insights and expertise using open and closed source technology. · - **Together we ** ...
-
Cyber Security Analyst
4 days ago
Scentre Group Sydney, Australia**Why Scentre Group?** · Scentre Group is the owner and operator of 42 Westfield living centres in Australia and New Zealand. Our purpose is to create extraordinary places, connecting and enriching communities. · We partner with the world's leading retail brands to create the pla ...
-
Cyber Security Analyst
4 days ago
University of New South Wales Sydney, Australia**Job no**: 518959 · **Work type**: full time · **Location**: Sydney, NSW · **Categories**: Information Technology, Cyber · - Full time continuing role as a Cyber Security Analyst · - Excellent salary package including generous superannuation · - Working within a flagship securit ...
-
Cyber Security Analyst
13 hours ago
Nine North Sydney, AustraliaCompany DescriptionNine. Australia's Media Company. · Underpinned by our people, our strategic focus is on content, connections and growth. · Driven by our purpose - Australia belongs here - and guided by our values - walk the talk, turn over every stone, keep it human - we are t ...
-
Cyber Security Analyst
3 days ago
Nine North Sydney, AustraliaCompany Description · Nine. Australia's Media Company. · Underpinned by our people, our strategic focus is on content, connections and growth. · Driven by our purpose - Australia belongs here - and guided by our values - walk the talk, turn over every stone, keep it human - we ar ...
-
Cyber Security Analyst
4 days ago
Healius Sydney, Australia**Date**:29 Aug 2023 · **Location**: Sydney, New South Wales, AU, 2000 · **Company**:Healius · **Brand**: Healius · **Job reference number**:#6022 · **Work type**: Full Time (Permanent) · **Job location**: Sydney · Healius is an Australian publicly listed healthcare company provi ...
-
Junior Cyber Security Analyst
1 day ago
Talent International Sydney, Australia**Job Details**: · **Location** · Sydney · **Salary** · Negotiable · **Job Type** · Full Time · **Ref** · BBBH101737_ · **Contact** · Zane Khan · **Posted** · about 1 hour ago · Talent International have partnered with one of the fastest growing systems integrators in the market ...
-
Cyber Intelligence Analyst za00
2 days ago
Hatch Sydney, Australia** This role is at Commonwealth Bank (not for Hatch)** · Hatch is supporting Commonwealth Bank to find a great Cyber Intelligence Analyst to join their Business Operations and Strategy team. Hatch exists to level the playing field for people as they discover a career that's right ...
-
Cyber Threat Defense Analyst
3 days ago
Macquarie Group Limited Sydney, AustraliaJoin Macquarie's Cyber Threat Incident Response (CTIR) team based in our Sydney office as a Cyber Threat Defense Analyst. In this role, you will be working alongside a diverse team in multiple offices around the globe and be responsible for detecting, identifying, triaging, and m ...
-
Cyber Vulnerability Management Analyst
4 days ago
AMP Limited Sydney, AustraliaThe Vulnerability Management Analyst role is a business focused, yet hands-on technical role, focusing on vulnerability management identification, and supporting our Compliance and technical teams in successful vulnerability remediation. This includes working with our managed ser ...
-
Cyber Security Operations Analyst
4 days ago
AC3 Sydney, AustraliaDevelop your career in a leading Australian owned MSP · - Voted #4 Best Place to Work in Australia · - Largest Australian IT Service Provider for NSW Government · **DISCLAIMER**: · **Australian/New Zealand Permanent Residency or Citizenship and being located in Sydney is a mandat ...
-
Cyber Response Analyst Data Loss Prevention
2 days ago
Macquarie Group Limited Sydney, AustraliaOur diverse and global team are responsible for the Cyber Threat and Incident Response Program's High Risk Data Loss Prevention surveillance. You'll help the security leadership team run and maintain this critical program and grow the program's threat-driven risk structure and cu ...
-
Senior Cyber Analyst
6 days ago
Tal Haymarket, Australia Full timeSenior Cyber Analyst - Third Party Tech & Cyber RiskTALWe offer flexibility by letting you tailor your cover to suit your individual needs. · Quick and easy to apply. · Get An Online Quote.View company pageFrom the millions of Australians we protect, to those that make it happen ...
-
Cyber Response Analyst
1 day ago
Macquarie Sydney, Australia Full timeOur diverse and global team are responsible for the Cyber Threat and Incident Response Program's High Risk Data Loss Prevention surveillance. You'll help the security leadership team run and maintain this critical program and grow the program's threat-driven risk structure and cu ...
-
Cyber Security Analyst
5 days ago
FinXL Sydney, AustraliaOur Client is looking for Cyber Security Analyst/ Engineer to assist for a 3 month contract on Cybersecurity configuration and patching work. · ASAP Start · Onsite at Lewisham with potential for Macquarie Park · 3 Months short term contract · Skills Required: · Hands on experien ...
-
Cyber Security Analyst
7 hours ago
Covestic Inc Sydney, AustraliaThe Cyber Security Team Lead supports and manages day-to-day SOC, personnel, projects and issues. This person is responsible for coaching and offering feedback to Analysts, as well as the daily execution of the service. · How You Will Make an Impact: · Lead, develop and support t ...
Senior Cyber Analyst - Sydney, Australia - Tal Services Limited
Description
Company Description
Welcome to This Australian Life.
From the millions of Australians we protect, to those that make it happen every day at TAL, people really are what we're all about. We want to grow with you. Achieve with you. And support you to do your best work. That's why we're focused on developing leadership, promoting diversity, rewarding excellence and retaining great talent.
We're always looking for people who want to go further with us. People who do what's right, aim high, and work smart. Why not see where we can go?
Job Description
The Senior Cyber Analyst is part of the Third-Party Tech & Cyber Risk which is part of the Technology & Cyber Risk function within the Technology Business Unit. This role will support the manager in aligning to the strategy and execution of our third-party technology risk management, third party cyber security management, relevant technology and cyber clauses within the contractual management process and overall governance of technology third parties. This role is responsible for adhering to and identifying improvements to relevant frameworks, policies, practices and controls to maintain the risk posture within the appetite.
Key accountabilities:
Qualifications
Additional Information
At TAL we value diversity in all its forms and are committed to fostering an inclusive and equitable culture for all our people. We encourage Aboriginal and Torres Strait Islander people, individuals from all backgrounds, including those with caring responsibilities, people living with disability, and individuals from the CALD and LGBTQI+ communities to apply. Even if you don't check every box in the criteria above, we encourage you to apply today or get in touch with us here.
To provide you with the best experience, we can accommodate you at any stage of the recruitment process. Simply inform our Recruitment team at any time.
TAL is recognised by the Workplace Gender Equality Agency as an Employer of Choice. We are proud to be a member of Diversity Council Australia and the Australian Network on Disability. For information on our reconciliation journey, take a look at our Innovate Reconciliation Action Plan.
We acknowledge the Traditional Custodians of the Land in which our Head Office is based, the land of the Gadigal people of the Eora Nation, and recognise their deep connections to the land, sea, and culture.
We extend this acknowledgment to the many Traditional Lands that we operate across and pay our respects to Elders past, present, and emerging.
Everyone at TAL has a responsibility to do the right thing and is accountable for the way they conduct themselves. Our expectations are that you follow the principles set out in our Code of Conduct when you come to work every day. Risk management is everyone's responsibility.
If you are already a TAL employee please apply via the SmartRecruiters button in Workday and navigate to the Employee Portal. This is important to ensure that your application is recorded accurately.