
Third Party Security Analyst
2 days ago
The Cyber team at Bupa is growing and we are on the lookout for a third-party security analyst.
The Third-Party Security Analyst will partner with project teams that are seeking to engage with new vendors whereby its proposed they manage our regulated entities information assets and work with these vendors to perform an assessment of their information security capability to ensure adequate controls are maintained and the introduction of new security risk is avoided
**Responsibilities**
- Carry out third party security due diligence assessments to inform our business of the third party’s security exposure prior to entering into contractual agreement.
- Conduct assessments through triage processes and security questionnaires to understand the supplier’s security maturity and gaps o Evaluating the design of that party’s information security controls
- Communicate and report these within a risk context and gain agreement with internal Bupa stakeholders and the third-party provider on the remediation plan
- Monitor third party’s attack surface observations and raise remediation requests where appropriate
- Perform monitoring and oversight over agreed remediations, and validation prior to closure
- Providing support to the Cyber Security Incident response team for any Third-Party incident response testing / simulations or real-world cyber incidents (where required)
- Working with Security testing teams to coordinate regular controls testing commensurate with the rate at which the vulnerabilities and threats change; and the materiality and frequency of change to information assets managed by our third parties (where required)
- Prepare scheduled and ad-hoc reports demonstrating the status of third-party security risk profiles, issues, trends, and improvement initiatives
- Supporting Security Risk Assessments (where required)
- Maintain Bupa’s third-party assessments repository
**What will I bring?**
- 2-4 years’ experience in Information Security, or a related field
- Tertiary qualifications in an appropriate Information Technology discipline or equivalent professional experience
- Knowledge of security and risk frameworks including ISO-27000 series, SABSA, CISSP and NIST
- Experience operating in an APRA and/or PCI regulated industry sector (preferred)
- Strong business and commercial acumen with a focus on the customer and business outcome
- Excellent oral and written communication skills including quality, concise technical documentation, report writing and presentations
- Excellent team player working within matrix structures, with demonstrated ability to broker outcomes effectively and collaboratively with colleagues and peers
- Vendor and partner management experience, including professional services and technology vendors
**What’s in it for you?**
As well as a competitive salary, a range of Bupa benefits and flexible working/ work from home, you’ll be challenged and encouraged to innovate. You will collaborate strongly with colleagues who are committed to delivering exceptional experiences. We trust, respect and consider everyone, knowing your difference will make the difference. Other benefits include discounts on health insurance, as well as access to our new global wellbeing program, Viva.
Viva has been designed to help you to live a healthy and happy life. It encompasses a comprehensive health and wellbeing program which includes access to health insurance benefits that will assist with covering the cost of medical treatment, information and education sessions, and preventative healthcare screening such as annual health assessments and skin checks. You will also be eligible to access various discounted products and services through our VIVA wellbeing partnerships.
-
Third Party Security Analyst
2 weeks ago
Melbourne, Australia Bupa Full timeBupa is an international healthcare group which has been committed to a purpose of longer, healthier, happier lives and making a better world for more than 70 years. In Australia and New Zealand, Bupa supports more than 5 million customers through a broad range of health and care services including health insurance, aged care, rehabilitation, dental,...
-
▷ 3 Days Left: Cyber Security Analyst
1 week ago
Melbourne, Australia Alinta Energy Full timeUpdate your details, view your application and progress. Cyber Security Analyst - Third Party Risk Job no: 501760 Work type: Permanent - Full Time Location: Melbourne, Adelaide Categories: Information Technology - Drive third-party cyber resilience across critical business partnerships - Apply your expertise in cyber risk frameworks and regulatory...
-
Third-Party Cyber Resilience Specialist
2 weeks ago
Adelaide, Melbourne, Australia beBeeCybersecurity Full time $90,000 - $150,000Cyber Security Risk Manager About the Role: We are seeking a skilled Cyber Security Analyst to drive third-party cyber resilience across our critical business partnerships and apply expertise in cyber risk frameworks and regulatory compliance. Performing thorough third-party cyber risk assessments and onboarding reviews. Maintaining accurate risk ratings...
-
Freight & Third-party Access Analyst
2 weeks ago
Melbourne, Australia VLine Full time**Freight & Third-Party Access Analyst** - ** Contribute to safer rail operations through meaningful data and analysis.**: - ** Hybrid work model with a mix of office and field engagement.**: - ** Supportive, collaborative team that values focus, respect, and shared outcomes.** - V/Line’s purpose is to connect Victorians through safe, reliable, and...
-
Freight & Third-Party Access Analyst
2 weeks ago
Melbourne, Victoria, Australia VLine Full time**Freight & Third-Party Access Analyst**- ** Contribute to safer rail operations through meaningful data and analysis.**:- ** Hybrid work model with a mix of office and field engagement.**:- ** Supportive, collaborative team that values focus, respect, and shared outcomes.**- V/Line's purpose is to connect Victorians through safe, reliable, and accessible...
-
Expert Third Party Risk Consultant
2 weeks ago
Melbourne, Victoria, Australia beBeeSecurity Full time $90,000 - $120,000We're seeking a highly skilled Third Party Security Analyst to partner with our project teams and assess the information security capabilities of new vendors.The ideal candidate will have experience in managing regulated entities' information assets, evaluating vendors' information security controls and contributing to the development of information security...
-
Manager, Third Party Assessments
2 weeks ago
Melbourne, Victoria, Australia Nab - National Australia Bank Full time**Work type**: Permanent Full time**Region**: VIC- Melbourne CBD- **Bring your passion for risk management within this amazing opportunity**:- **You'll be supported to manage your career, work and life**:- **Make a genuine difference through the work you do****In this role, you will**:The **Manager, Third Party Assessments** leads and oversees a team...
-
Third Party Risk Manager
2 weeks ago
Melbourne, Victoria, Australia beBeeRisk Full time $150,000 - $180,000Job Description:The Risk Management Specialist leads and oversees a team dedicated to conducting comprehensive risk assessments of Third Party vendors with particular emphasis on Information Security.This role is critical in driving understanding of Third Party controls and ensuring our risk management has the necessary rigour to protect the bank.In addition...
-
Security Analyst
1 week ago
Melbourne City Centre, Australia Talent International Full time**Job Details**: **Location** Melbourne CBD **Salary** Great team, CBD/WFH hybrid **Job Type** Full Time **Ref** BBBH100454_1680567612 **Contact** Carly Llorente **Posted** about 7 hours ago This high-profile University are currently seeking a Security Analyst to take responsibility for driving IT risk initiatives within the Portfolio and...
-
Security Risk Analyst
4 days ago
Melbourne, Australia Talent International Full timeaustralia melbourne permanent great team, cbd/wfh hybridThis high-profile University are currently seeking an experienced IT Security Risk Analyst to take responsibility for driving IT risk initiatives within the Portfolio and Planning team. You will collaborate with the IT leadership team, project team, third party service providers and other relevant...