Third Party Security Analyst

1 week ago


Melbourne, Australia Bupa Full time

The Cyber team at Bupa is growing and we are on the lookout for a third-party security analyst.

The Third-Party Security Analyst will partner with project teams that are seeking to engage with new vendors whereby its proposed they manage our regulated entities information assets and work with these vendors to perform an assessment of their information security capability to ensure adequate controls are maintained and the introduction of new security risk is avoided

**Responsibilities**
- Carry out third party security due diligence assessments to inform our business of the third party’s security exposure prior to entering into contractual agreement.
- Conduct assessments through triage processes and security questionnaires to understand the supplier’s security maturity and gaps o Evaluating the design of that party’s information security controls
- Communicate and report these within a risk context and gain agreement with internal Bupa stakeholders and the third-party provider on the remediation plan
- Monitor third party’s attack surface observations and raise remediation requests where appropriate
- Perform monitoring and oversight over agreed remediations, and validation prior to closure
- Providing support to the Cyber Security Incident response team for any Third-Party incident response testing / simulations or real-world cyber incidents (where required)
- Working with Security testing teams to coordinate regular controls testing commensurate with the rate at which the vulnerabilities and threats change; and the materiality and frequency of change to information assets managed by our third parties (where required)
- Prepare scheduled and ad-hoc reports demonstrating the status of third-party security risk profiles, issues, trends, and improvement initiatives
- Supporting Security Risk Assessments (where required)
- Maintain Bupa’s third-party assessments repository

**What will I bring?**
- 2-4 years’ experience in Information Security, or a related field
- Tertiary qualifications in an appropriate Information Technology discipline or equivalent professional experience
- Knowledge of security and risk frameworks including ISO-27000 series, SABSA, CISSP and NIST
- Experience operating in an APRA and/or PCI regulated industry sector (preferred)
- Strong business and commercial acumen with a focus on the customer and business outcome
- Excellent oral and written communication skills including quality, concise technical documentation, report writing and presentations
- Excellent team player working within matrix structures, with demonstrated ability to broker outcomes effectively and collaboratively with colleagues and peers
- Vendor and partner management experience, including professional services and technology vendors

**What’s in it for you?**

As well as a competitive salary, a range of Bupa benefits and flexible working/ work from home, you’ll be challenged and encouraged to innovate. You will collaborate strongly with colleagues who are committed to delivering exceptional experiences. We trust, respect and consider everyone, knowing your difference will make the difference. Other benefits include discounts on health insurance, as well as access to our new global wellbeing program, Viva.

Viva has been designed to help you to live a healthy and happy life. It encompasses a comprehensive health and wellbeing program which includes access to health insurance benefits that will assist with covering the cost of medical treatment, information and education sessions, and preventative healthcare screening such as annual health assessments and skin checks. You will also be eligible to access various discounted products and services through our VIVA wellbeing partnerships.



  • Melbourne, Australia Alinta Energy Full time

    **Job no**: 501760 **Work type**: Permanent - Full Time **Location**: Melbourne, Adelaide **Categories**: Information Technology - Drive third-party cyber resilience across critical business partnerships - Enjoy hybrid work options, energy discounts, and career growth opportunities Alinta Energy is one of Australia’s biggest energy retailers, generators...


  • Melbourne, Australia AIA Full time

    BE THE DIFFERENCE At AIA we don’t simply believe in being ‘the best’. We believe in better - because there’s no limit to how far ‘better’ can take us. Everything we do is driven by our purpose to make a difference by helping people embrace Healthier, Longer, Better Lives. And every one of our people has an important part role to play. If you...


  • Melbourne, Australia Bupa Full time

    Bupa is an international healthcare group which has been committed to a purpose of longer, healthier, happier lives and making a better world for more than 70 years. In Australia and New Zealand, Bupa supports more than 5 million customers through a broad range of health and care services including health insurance, aged care, rehabilitation, dental,...


  • Melbourne, Australia Latitude Financial Services Full time

    As a Third Party Security Specialist at Latitude you will play a crucial role in ensuring the security of third-party suppliers, security controls and platforms that interact with Latitude’s systems and data. In this role, you’ll: - Collaborate with legal, procurement, and supplier management teams to review and negotiate security terms in contracts. -...

  • Security Analyst

    54 minutes ago


    Melbourne, Australia Talent International Full time

    **Job Details**: **Location** Melbourne **Salary** Negotiable **Job Type** Full Time **Ref** BBBH101972_1684473163 **Contact** Donal McCann **Posted** about 3 hours ago - CBD Location - Working from Home - Conduct third party risk assessments The primary purpose of the Security Analyst is to identify all outstanding security issues, perform...


  • Melbourne, Australia Talent International Full time

    australia melbourne permanent great team, cbd/wfh hybridThis high-profile University are currently seeking an experienced IT Security Risk Analyst to take responsibility for driving IT risk initiatives within the Portfolio and Planning team. You will collaborate with the IT leadership team, project team, third party service providers and other relevant...


  • Melbourne, Victoria, Australia beBeeRiskManagement Full time $140,000 - $165,000

    Job OpportunityWe are seeking an experienced Risk Management Professional to join our team. This individual will provide technical knowledge, direction and training to consultants within the Governance, Risk and Compliance team, and work with clients to increase their third-party risk capabilities.About the Role:Provide technical knowledge, direction and...


  • Melbourne, Australia PRA Full time

    Our client is a leader within the financial services industry, with a purpose driven outlook for the future of both people, communities and the environment. Our client now has a requirement for a mid-senior level GRC Information Security Analyst to join their growing security team. What You Will Bring: - One or more related certifications such as CISSP,...


  • Melbourne, Victoria, Australia KPMG Australia Full time

    Manager- Third Party Risk Management (Governance, Risk and Compliance) Manager- Third Party Risk Management (Governance, Risk and Compliance) 1 day ago Be among the first 25 applicants Get AI-powered advice on this job and more exclusive features.Our Governance, Risk and Compliance practice is the advisory division of choice for many of Australia's leading...


  • Melbourne, Victoria, Australia KPMG Australia Full time

    Manager- Third Party Risk Management (Governance, Risk and Compliance)Manager- Third Party Risk Management (Governance, Risk and Compliance)1 day ago Be among the first 25 applicantsGet AI-powered advice on this job and more exclusive features.Our Governance, Risk and Compliance practice is the advisory division of choice for many of Australia's leading...