Job Summary
We are seeking an experienced Information Security Third Party Risk Specialist to join our team.
The successful candidate will be responsible for running VA's Vendor Security Assessment process and identifying, monitoring and managing Information Security risks associated with VA's vendors and partners.
About the Role
1. Operate the VA Vendor Security Assessment (VSA) process, coordinate the gathering of data from third parties, produce risk assessments, and communicate the outcomes to stakeholders.
2. Track the risks identified through the VSA process, tiering third parties by risks and potential risk impacts.
3. Develop, monitor, and possibly execute third-party remediation actions, mitigation, and contingency plans when risks or events are identified.
4. Influence vendors and the business to ensure compliance with risk management policies.
5. Collaborate with Procurement, Group Legal and business units to manage third-party behaviour, build communication and escalation plans around vendor risk management activities and ensure regulatory compliance where required.
6. Refine the third-party risk management framework, relevant policies and procedures for VA, coordinating with other risk specialists in the Information Security team and the broader business.
7. Maintain an understanding of relevant regulatory and legal compliance requirements.
Requirements
* A background in an audit, risk management or compliance role.
* An understanding of operational and IT risks, as well as of how IT operates in an enterprise environment.
* A strong business background, with experience gathering and interpreting risks and associated impacts in the context of financial and operational concerns.
* An understanding of complex third-party risk-related issues and the ability to articulate them.
* Demonstrate an understanding of operational and IT risks as well as how IT operates in an enterprise environment.
* A Certificate in Risk Management Assurance (CRMA), or certification as a Certified Information Systems Auditor (CISA) or a Certified Information Security Systems Professional (CISSP) (desirable).
Benefits
* Heavily discounted air travel for you and your loved ones (including $1000 worth of travel credits per year)
* Flexible working arrangements (including work hours and work from home)
* Discounts on travel insurance, car hire, accommodation and experiences worldwide
* Discounted Virgin Australia Lounge membership
* Hospitality, retail, technology, beauty services and wellness discounts
* Wellness support, including the betterme digital wellbeing platform
* A comprehensive Employee Assistance Program, which offers confidential coaching and support from qualified professionals for all aspects of life - physical, mental, social and financial
* Dress for Your Day - enjoy the freedom to wear whatever is appropriate for the type of work you do and the day you have ahead of you
COVID-19 Vaccination Policy
The safety and security of our people, guests and operations come first. Always. That's why we've put together a comprehensive 'Mandatory COVID-19 Vaccination Policy'. In a nutshell, to work with us, you'll need to comply with our (and the airport's) rules and regulations. And be fully vaxxed.