Third Party Risk Manager - Cyber and Technology
Apply now
Job no:
******
Work type:
Permanent Full Time
Location:
Sydney
Categories:
IT
Overview
As the Third Party Risk Manager – Cyber and Technology, you will lead Scentre Group's enterprise program to reduce cyber, technology, and privacy risks associated with third parties. Partnering with senior leaders across HR, Legal, Privacy, Enterprise Risk, Technology, and Cyber Security, you'll define and operationalise processes to assess and monitor vendors. Supported by the Head of Cyber & Technology Risk, you'll drive policy, program delivery, and behaviour change to uplift and embed a robust Third Party Risk function.
You will set the direction, define scope, and ensure the program delivers against business objectives and regulatory obligations.
Day-to-day responsibilities
Driving the Cyber & Technology Third Party Risk strategy and delivering a 12-month roadmap aligned to business objectives and regulatory obligations
Acting as the primary advisor to business leaders on third party cyber, technology, and privacy risks
Championing adoption of third-party risk management practices across the organisation
Contributing to governance forums and providing clear, risk-based insights and assurance reporting
Developing and maintaining policies, standards, and practical guidance for vendor risk management
Performing and overseeing risk assessments and monitoring, including the use of posture management platforms
Providing subject matter expertise during third party incidents and mentoring junior analysts to build capability
What sets you apart
You will be a collaborative influencer who builds trust across business and technology teams, translating technical detail into clear commercial language. With 5+ years in third party risk, information security, or privacy, you bring proven experience leading improvement initiatives and engaging senior stakeholders.
Key qualifications
5+ years' experience in third party risk, information security, privacy, or related disciplines
Strong ability to design frameworks, drive processes, and deliver assessments end-to-end
Proven track record engaging and influencing senior stakeholders
Familiarity with third party risk platforms (e.g., UpGuard, CyberGRX) and translating technical detail into business outcomes
Solid understanding of privacy, regulatory, and compliance requirements relevant to Australia
About us
Scentre Group owns 42 Westfield destinations across Australia and New Zealand. We create extraordinary places and experiences that connect and enrich communities.
We are focused on our customers and creating more reasons for more people to visit our Westfield destinations more often and for longer.
With approximately 75 professions within our business, our team has the expertise to design, construct, operate, manage and market our Westfield destinations and platforms.
We want to be the place where talent thrives. To support you thriving with us, we promise to respect, inspire and develop you, and that you will do work that matters.
Diversity, equity and inclusion underpins our culture, and our vision is that 'Everyone Belongs'. We foster a workplace experience where everyone feels valued, supported and motivated to realise their full potential.
We aspire to create a workforce reflective of the communities in which we operate and encourage applications from everyone regardless of age, gender, ethnicity, cultural background, faith, disability, sexual orientation, gender identity or life stage.
We offer a range of unique benefits designed to support your wellbeing, career development and lifestyle, including five days paid Life Leave on top of your four weeks annual leave (pro-rated for part-time), 18 weeks gender neutral paid parental leave for primary carers, with no qualifying period and super paid for the duration of the leave period and free parking at your local Westfield destination.
Important information
Advertised:
28 Nov **** AUS Eastern Daylight Time
Applications close:
05 Dec **** AUS Eastern Daylight Time
Scentre Group exclusively recruits for roles based in Australia and New Zealand. If you are contacted regarding employment opportunities with Scentre Group based in any other country, we encourage you not to disclose any personal information. Any email communication regarding an employment opportunity with us will come from a scentregroup.com email address. If you receive any suspicious emails regarding employment with Scentre Group, please forward them to .
We acknowledge the Traditional Owners and communities of the lands on which our business operates. We pay our respect to Aboriginal and Torres Strait Islander cultures and to their Elders past and present. We recognise the unique role of Maori as Tangata Whenua of Aotearoa/New Zealand.
#J-*****-Ljbffr