Information Security Third Party Risk Specialist

**Work type**:
Full Time

**Location**:
Brisbane, Melbourne, Sydney

**Job type**:
IT

**Applications close**:
**Information Security Third Party Risk Specialist**:
Hello. We’re Virgin Australia. And we’re back (in a big way).

We’re the airline that’s always done things a little different. Our way. The Virgin way. For us, flying is so much more than simply taking off and landing (although we understand that is quite important). It’s about going the extra mile, in the air and on the ground, to create authentic experiences that put our guests firmly at the heart of everything we do.

**Who we’re looking for**:
If you are an experienced auditor, risk management or compliance specialist with a strong understanding of complex vendor risk-related issues then we would love to hear from you

The objective of the Information Security Third Party Risk Specialist is to be accountable for running VA’s Vendor Security Assessment process and identifying, monitoring and managing Information Security risks associated with VA’s vendors and partners.

**What you’ll be doing**:

- Operate the VA Vendor Security Assessment (VSA) process, coordinate the gathering of data from third parties, produce risk assessments, and communicate the outcomes to stakeholders.
- Track the risks identified through the VSA process, tiering third parties by risks and potential risk impacts.
- Develop, monitor, and possibly execute third-party remediation actions, mitigation, and contingency plans when risks or events are identified.
- Influence vendors and the business to ensure compliance with risk management policies.
- Collaborate with Procurement, Group Legal and business units to manage third-party behaviour, build communication and escalation plans around vendor risk management activities and ensure regulatory compliance where required.
- Refine the third-party risk management framework, relevant policies and procedures for VA, coordinating with other risk specialists in the Information Security team and the broader business.
- Maintain an understanding of relevant regulatory and legal compliance requirements.

**You’ll be great in this role if you have**:

- Background in an audit, risk management or compliance role.
- An understanding of operational and IT risks as well as understand how IT operates in an enterprise environment.
- A strong business background, with experience gathering and interpreting risks and associated impacts in the context of financial and operational concerns.
- An understanding and can articulate complex third-party risk-related issues.
- Demonstrate an understanding of operational and IT risks as well as how IT operates in an enterprise environment.
- Certificate in Risk Management Assurance (CRMA), are a Certified Information Systems Auditor (CISA) or a Certified Information Security Systems Professional (CISSP) (desirable).

**What you’ll get from us**:
We’re committed to looking after you, with some of the best benefits and conditions in the industry - including (but not limited to):

- Heavily discounted air travel for you and your loved ones (including $1000 worth of travel credits per year)
- Flexible working arrangements (including work hours and work from home)
- Discounts on travel insurance, car hire, accommodation and experiences worldwide
- Discounted Virgin Australia Lounge membership
- Hospitality, retail, technology, beauty services and wellness discounts
- Wellness support, including the betterme digital wellbeing platform
- A comprehensive Employee Assistance Program, which offers confidential coaching and support from qualified professionals for all aspects of life - physical, mental, social and financial
- Dress for Your Day - enjoy the freedom to wear whatever is appropriate for the type of work you do and the day you have ahead of you

**Equality rules**:
**COVID-19**:
The safety and security of our people, guests and operations come first. Always. That’s why we’ve put together a comprehensive ‘Mandatory COVID-19 Vaccination Policy’. In a nutshell, to work with us, you’ll need to comply with our (and the airport’s) rules and regulations. And be fully vaxxed.

**Ready to apply?**

We’re ready to hear from you.