Third Party Security Manager

BE THE DIFFERENCE

At AIA we don’t simply believe in being ‘the best’. We believe in better - because there’s no limit to how far ‘better’ can take us. Everything we do is driven by our purpose to make a difference by helping people embrace Healthier, Longer, Better Lives. And every one of our people has an important part role to play. If you want to make a difference by helping shape a healthier, better-protected Australia, read on.

The Opportunity:
AIA Australia is undergoing a large-scale digital transformation together with several major technology initiatives to address the dynamics of the market. As part of the transformation, AIA Australia needs to form partnerships and engagements with third parties to enable us to scale. Due to the volume and complexity of the supplier network, the Third Party Security Manager will coordinate security activities together with key stakeholders while also driving the uplift of the security framework.

The primary responsibility of the Third Party Security Manager is to protects AIA’s brand, reputation, financial position, regulatory position and strong commitment to customer satisfaction by managing third party technology risks to AIA.

The Third Party Security Manager will work directly with third parties (such as clients, partners, suppliers and vendors), internal business stakeholders and auditors to identify, treat and manage third party security risks within our tolerance settings.
- Leading the management of AIA’s third party security risk management program and reporting within AIA Australia and across our third party landscape
- Assessing and obtaining assurance of security controls of critical and high risk third parties
- Promoting awareness of AIA’s third party security risk management program
- Execution of technology security management, IT and information security strategy and processes to ensure compliance with AIA’s security policies and frameworks
- Providing expert security advice on security risks within business unit supply chains
- Recommending treatments to manage security risks. Work in partnership with stakeholders to design and implement those treatments

To be successful in this position, you will have:

- Significant experience in technology control and third party risk management, technology audit, technology compliance function
- Extensive demonstrated experience in IT Security, Third Party Risk Management or Risk Consulting gained in a similar role or consultancy firm
- Demonstrated understanding of GS007, ASAE 3402, ASAE 3150, Service Organisation Control reporting and APRA prudential standards
- Strong background in internal controls assessment
- Excellent understanding of security technologies and controls
- Passion for collaborative working to achieve transformational outcomes
- Degree in Cyber Security, Accounting or majoring in related disciplines would also be highly regarded

Why choose AIA:

- At AIA, we’ve made a promise to help people live healthier, longer, better lives. And it starts with our own people
- AIA Australia is part of the larger regional Asia AIA Group, which is the largest public listed life insurance company in the Asia-Pacific region
- Access our training and development to build on your current skills
- Career development through internal mobility opportunities
- Work for a business helping millions of Australians and make a difference to someone’s life everyday
- Access additional leave days a year to recharge and refresh yourself
- Enjoy wonderful Health and Wellbeing initiatives that support you
- Work with supportive and inclusive working environment
- Flexible working arrangement

At AIA Australia, we’re proud to help guide, support and protect the wellbeing of over 3.5 million Australians. Through life and health insurance, financial wellbeing and our total wellbeing ecosystem that includes AIA Vitality - the world’s leading science-backed wellbeing programme - we’ve started a movement to make Australia the healthiest, best protected nation in the world. As part of the AIA Group - the largest independent publicly listed pan-Asian life insurance group with a presence in 18 markets in Asia-Pacific - it is our ambition to engage one billion people to live Healthier, Longer, Better Lives by 2030. Lots of companies like to say they’re different. What makes us truly different at AIA, is the difference we make in people’s lives.

AIA is different. Are you?