Head of Service Providers Risk Management
2 weeks ago
**About HCF**
At HCF, our purpose is to bring our human touch to healthcare. Since 1932 we’ve been putting our members and their health first. As Australia’s largest not-for-profit health fund, we cover over 1.7 million members with health, life, travel and pet insurance and our vision is to make healthcare understandable, affordable, high quality and member centric.
We want to be true health partners to our members, easily guiding the healthcare choices that are right for them. At HCF, our values are the way we do things and create the necessary culture to help us realise our purpose and deliver our 2025 Strategy. Living our values in action we step forward, walk in their shoes, stay human, make it better and get there together.
**About the role**
The Head of Service Providers Risk Management is responsible for ensuring the security and resilience of the services provided to HCF by external service providers that support business operations and objectives. They will oversee and manage the risk processes for the external service providers that support the business operations and objectives. The Head of Service Providers Risk Management will oversee the cyber risk assessment, mitigation, and monitoring of the 3rd party and 4th party service providers, data storage and ensures compliance with the contractual obligations and regulatory requirements. The Head of Service Provider Risk Management must work closely with legal and compliance teams to ensure that all aspects of CPS requirements such as 230 and 234 are met, and that the organisation's outsourcing practices align with the regulatory framework.
**About you**
To be successful in this role, you will demonstrate the following qualifications, experience and skills:
- Must have Bachelor’s degree in Computer Science or an equivalent engineering discipline.
- Minimum of 8 years of experience in vendor/service provider risk management, with a focus on cyber risk management & reporting.
- Proven experience in leading the development and implementation of a vendor cyber risk management program.
- Strong knowledge of cyber security risks, threats and mitigation strategies.
- Excellent leadership, communication, and interpersonal skills.
- Strong verbal and written communication skills.
**Responsibilities**
The responsibilities of this role include but are not limited to the following:
- Conduct a thorough review of the service providers (3rd party and 4th party) risks, security posture, practices, and processes, and use this information to make informed decisions about risk.
- Ensuring that the organization is in full compliance with the upcoming CPS 230 regulations.
- Collaborating & supporting the relevant IT stakeholders and liaising with legal and procurement teams to ensure that contracts with service providers include appropriate risk management provisions, including service level agreements security requirements, data protection clauses, and termination clauses.
- Develop and implement the strategy and framework for managing the cyber security of the 3rd party and 4th party service providers across the organization
- Establish and maintain effective governance, risk management, and performance monitoring processes for the cyber security of the third-party service providers.
- Negotiate, review, and approve contracts, service level agreements, and key performance indicators with the 3rd party & 4th party (if relevant) service providers, ensuring that they include adequate cyber security clauses and controls.
- Communicate and collaborate with internal stakeholders, such as business units, IT service management, security teams, legal, compliance, and audit teams, to ensure alignment and coordination of the cyber security management activities.
- Manage and resolve issues, disputes, and escalations with the third-party service providers related to cyber security incidents or breaches.
- Identify and implement opportunities for cost optimization, service improvement, and innovation with the third-party service providers in terms of cyber security.
- Conduct regular assessments and audits of the third-party service providers (and if required for 4th party) to ensure compliance, quality, and security standards are met.
- Provide regular reports and feedback to senior management on the cyber security performance, risks, and issues of the third-party service providers.
- Regularly assess the security posture of service providers, including regular penetration testing and vulnerability assessments, to identify and remediate any potential security risks.
- Continuously monitoring the performance and compliance of service providers throughout the life of the relationship. This involves tracking key performance indicators (KPIs) and addressing any issues or deviations promptly.
- Developing and implementing strategies to mitigate identified risks associated with service provider relationships. This may include contingency plans, alternative vendor opti
-
Head of Risk Management
3 days ago
Sydney, Australia Australian Payments Plus Full time**The Game Changers**: At AP+ we're changing the game! We're doing big things, and we can't do it alone. We're part of a big ecosystem, and we know teamwork and passion for our purpose is what will make us successful. We value the unique talents, perspectives, of all our employees. This includes people of all gender identities and sexual orientations, First...
-
Head of Risk
5 days ago
Sydney, Australia OFX Full timeCompany Description **Hi.** We’re OFX, a global provider of online, international payment services. We solve the complexity of moving money and enable better decisions. Headquartered in Sydney with offices worldwide, we’re a customer-focused business that is all about inspiring customer confidence. At OFX, you’ll have the opportunity to reach beyond...
-
Risk Manager
5 days ago
Sydney, Australia Lawson Elliott Recruitment Full timeTop 50 ASX Listed - High profile organisation - Broad role focusing on ERM and Strategy An Australian success story, this company has been operating for almost 35+ years with a history of growth, acquisition and success. They focus on hiring high quality individuals who can help drive the business forwards and be part of their thriving head office...
-
Head of Development
3 days ago
Sydney Central Business District, Australia Australian Museum Full timeAbout the role Head of Development Join us at the Australian Museum and help us achieve our Mission to ignite wonder, inspire debate and drive change About the Role As the Head of Development, your mission is to drive a culture of philanthropy across the Australian Museum. Reporting to the Director Public Affairs and Development, the Head of Development...
-
Technology Risk Manager
23 hours ago
Sydney, Australia Bluefin Resources Full timeMultiple roles in a growing line 1 Technology Risk function - Heavy advisory focus to the roles, map out core responsibilities for the team - Sydney CBD & Hybrid working model. Excellent team culture Highly regarded and established global bank are seeking a number of Technology Risk professionals to join their growing line 1 IT Risk team. The business has...
-
Internal Audit Manager
23 hours ago
Sydney Central Business District, Australia Mars Recruitment Full timeWe are currently working with a leading international bank that is looking for an experienced Internal Audit Manager to join the team on a 2-year contract with the strong possibility for the role to go permanent after the 2 years. The role reports to the Head of Internal Audit and is responsible for leading and delivering specific audits across the bank. An...
-
Risk & Compliance Manager
3 days ago
Sydney, Australia Bluefin Resources Full timeSeeking a diligent Manager to assist the Head of Risk & Compliance Function in managing the company's risk and compliance framework and functions. Reporting to the Head of Risk & Compliance, this role is responsible for undertaking risk and compliance assessments, reporting, and risk assurance activities. Key Duties and Responsibilities: - Ensure effective...
-
Compliance Manager
2 days ago
Sydney, Australia Compliance and Risk Management Recruitment Full timeBanking & Finance - Stock Broking - Sydney - Permanent / Full Time **08th February, 2024**: **This is an exceptional opportunity join a Capital Markets Institution in a Compliance Manager role. Australia is the main hub across APAC for the financial institution and due to growth across the region they are looking to expand.** **Key Responsibilities** -...
-
Head of Executive Risk for Australasia
3 days ago
Sydney, Australia WTW Full timeSenior executive position holding officer title of Director for Executive Risks of FINEX. Oversee all FINEX placements outside Professions & Financial Institutions & Cyber, connect with and provide resources to colleagues engaged in FINEX FI business across the region, provide strategic advice to FINEX’s Executive Risk clients, grow FINEX’s book of...
-
Head of Enterprise Risk and Sheq
3 days ago
Sydney, Australia CareFlight Full timeCompetitive remuneration + Generous Salary Packaging + Parking - Permanent full-time position - Bankstown or Darwin Location CareFlight is an Australian “for purpose” aeromedical organisation voted consistently as one of Australia’s most trusted Brands. Our mission is to save lives, speed recovery and serve the community through delivering our...
-
Head of Compliance
23 hours ago
Sydney, Australia Compliance and Risk Management Recruitment Full timeBanking & Finance - Other - Sydney - Permanent / Full Time **05th April, 2024**: **Key Responsibilities** - Key point of contact for regulatory compliance matters (line 2 advice). - Manage & maintain organisations Compliance framework and management procedure, instilling a culture of continuous improvement. - Coordinating with regulatory organisations...
-
Manager, Insurance Risk
3 days ago
Sydney, Australia Australian Reinsurance Pool Corporation Full time**ARPC Position Description** **Function**:Governance, Risk and Compliance **Classification broadband**:EL1 **Location**:Sydney **Security clearance**:Baseline **Role Reports to **(role title)**:Head of Risk **Direct Reports **(role titles)**:Nil **Purpose of the role **(Why the role exists; how the role contributes to the ARPC’s strategic...
-
Risk Manager
5 days ago
Sydney, Australia People Intelligence Full timeYou will be working for a well-established global leading company that is agile and dynamic and that specialises in the provision of credit insurance and risk management solutions for corporate clients cross-industry regardless of their size. Based in Sydney, you will be responsible for overseeing all Risk Management functions in the ANZ region reporting to...
-
Managing Director, Risk Management, Australia Chief Risk Officer
Found in: Talent AU C2 - 3 days ago
Sydney, Australia Citi Full timeAustralia Chief Risk Officer Based in Sydney, the Australia Chief Risk Officer (CRO) will have a direct reporting line to the ANA Cluster Risk Head and a matrix reporting to the Australia Citi Country Officer (CCO) and Banking Head. Key responsibilities of the Australia CRO are as follows. Holistic Franchise Level Risk Management: Manage all franchise...
-
Compliance Manager Financial Services Hybrid
23 hours ago
Sydney Central Business District, Australia Robert Half Full timeA recognizable name in their market sector, this is a very well-established business with a great customer branding **The Company** A household name and recognisable brand with a long history, this business has continued to grow due to their customer centric approach and vision. As an established organisation with a mature risk and compliance culture, they...
-
Risk and Compliance Advisor
5 days ago
Brisbane Central Business District, Australia WorkCover Queensland Full time**Job no**: 493164 **Work type**: Permanent - Full Time **Location**: Brisbane CBD **Categories**: Finance & Strategy Group At WorkCover Queensland our vision is to be the best worker’s compensation insurer, to make a positive difference to people’s lives and to keep Queenslanders working. Our flexible work environment allows you to be your best...
-
Cyber Security Risk Specialist
5 days ago
Brisbane Central Business District, Australia Peoplebank Full timeLocation: - Brisbane CBD- Job Type: - Contract- Posted: - about 5 hours ago- Contact: - Moitri Banerjee- Discipline: - Security / Cyber Security - Reference: - 256595**Role - Cyber Security Risk Specialist** Newstead based, 2- 3 days Work from home Initial 6 months + possible extensions Competitive daily rate **About the role** The Cyber Security Risk...
-
Cyber Risk Manager
23 hours ago
Sydney, Australia Allianz Australia Full time**CYBER RISK MANAGER - RISK AND COMPLIANCE MANAGER | SYDNEY, NSW** At Allianz, we’re proud to be one of the world’s leading insurance and asset management brands, with a workforce as diverse as the world around us. We care about our customers, which is why we hire the very best people to further our commitment to securing the future of our customers,...
-
Information Security, Governance, Risk and
23 hours ago
Brisbane Central Business District, Australia Clicks IT Recruitment Full timeWe are looking for a contractor for a Information Security, Governance, Risk and Compliance Officer for 6 months for a QLD Government Department. **Key Responsibilities**: Support the development, implementation, and management of Information Security policies, plans and procedures. Support internal and external security assurance activities such as...
-
Manager, Enterprise Risk
2 days ago
Sydney, Australia Reserve Bank of Australia Full timeJob no 497691 Type Maximum-term - Flexible arrangement, Open-ended - Flexible arrangement Location Sydney Category Risk Management Advertised 06 Apr 2023 Closes 21 Apr 2023 AUS Eastern Standard Time **More excellence, less vanilla** As a seasoned Risk Manager, you will provide advice and deliver risk management and control monitoring services for...