Senior Analyst Technology and Cyber Risk
Sydney, Australia
TAL
Tailor your cover to suit your needs. Life, Income, TPD, Critical Illness. Get a Quote for flexible insurance products built by you, for you.Company Description
Welcome to This Australian Life.
From the millions of Australians we protect, to those that make it happen every day at TAL, people really are what we’re all about. We want to grow with you. Achieve with you. And support you to do your best work. That's why we're focused on developing leadership, promoting diversity, rewarding excellence and retaining great talent.
We're always looking for people who want to go further with us. People who do what’s right, aim high, and work smart. Why not see where we can go?
Job Description
The Senior Consultant Technology and Cyber Risk will be part of the Technology & Cyber Risk function within the Technology Business Unit and will lead the strategy and execution of Risk Management activities. This role is responsible for ensuring the Technology risk posture remains within TAL’s appetite by overseeing and executing Line 1 Risk management activities and consulting with a variety of stakeholders across Technology and the Business.
Key Accountabilities:
- Provide input into TAL’s Technology Risk Management strategy and yearly plan of activities.
- Risk Management advice and support across all of TAL’s Technology platforms.
- Contribute to the development of the controls assurance plan and perform controls assurance over critical controls
- Deliver reporting to TAL’s Technology Leadership team, Risk Office and Board to represent Risk Indicators and significant events that may shift the risk profile. Coordinate activities to complete all reporting requirements by obtaining updates from General Management and the Risk function on risk posture and culture.
- Management of risk remediation activities and reporting of approaching and overdue actions.
- Oversight and management of Incident Management for events that have an external impact to TAL’s customers or partners and support for reportable situations.
- Risk in Change assessments for significant implementations, Cloud workloads, and AI use cases to ensure solutions remain within TAL’s risk appetite and controls.
- Coordination and support for TAL’s annual Risk and Controls Self-Assessment (RCSA) to agree on risk posture and control health in alignment with APRA’s CPS230 standard.
- Co-ordinate and update the Business Continuity Management for Technology to ensure recovery strategies and plans are risk based, appropriate and actionable.
- Documentation and coordination of Risk Acceptance for issues that require leadership acceptance and agreement of remediation activities to bring risks within tolerance levels.
- Stay abreast of regulatory changes and industry best practices to ensure the Technology platform meets regulatory and partner requirements.
- Collaborate with cross-functional teams, including Technology Risk (Line 2), Internal Audit, Legal and Compliance to ensure there is an integrated approach to Technology Risk Management.
- Lead, mentor and develop a team dedicated to Technology Risk Management.
- Support other Cyber Risk teams, as required
Qualifications
- Bachelor's degree in Business, Finance, Information Technology, or a related field. Relevant professional certifications (e.g., CISM, CRISC, CISSP) is a plus.
- Minimum of 3 years of experience in Third-Party Risk Management, Technology Risk, Cyber Security, or a related field with proven experience of supporting, implementing and managing risk management programs.
- Strong understanding of regulatory compliance standards (e.g., APRA CPS234 / CPS230, SOX, ISO 27001, NIST CSF, Privacy Act, SOCI, etc.).
- Strong communication skills with the ability to translate risk into business impact.
- Self-starter with strong organisational skills in a highly-adaptive and a fast-paced environment.
- Customer-oriented mindset and ability to apply collaborative approach to achieving business outcomes.
- Thinker and doer with a pragmatic approach to make decisions and at the same time focused on outcomes.
- Ability to lead and motivate both direct and indirect team members, and manage a developing team.
Additional Information
At TAL we value diversity in all its forms and are committed to fostering an inclusive and equitable culture for all our people. We encourage Aboriginal and Torres Strait Islander people, individuals from all backgrounds, including those with caring responsibilities, people living with disability, and individuals from the CALD and LGBTQI+ communities to apply. Even if you don’t check every box in the criteria above, we encourage you to apply today or get in touch with us here.
To provide you with the best experience, we can accommodate you at any stage of the recruitment process. Simply inform our Recruitment team at any time.
TAL is recognised by the Workplace Gender Equality Agency as an Employer of Choice. We are proud to be a member of Diversity Council Australia and the Australian Network on Disability. For information on our reconciliation journey, take a look at our Innovate Reconciliation Action Plan.
We acknowledge the Traditional Custodians of the Land in which our Head Office is based, the land of the Gadigal people of the Eora Nation, and recognise their deep connections to the land, sea, and culture.
We extend this acknowledgment to the many Traditional Lands that we operate across and pay our respects to Elders past, present, and emerging.
Everyone at TAL has a responsibility to do the right thing and is accountable for the way they conduct themselves. Our expectations are that you follow the principles set out in our Code of Conduct when you come to work every day. Risk management is everyone’s responsibility.
If you are already a TAL employee please apply via the SmartRecruiters button in Workday and navigate to the Employee Portal. This is important to ensure that your application is recorded accurately.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISM CISSP Cloud Compliance CRISC Finance ISO 27001 NIST Privacy Risk management SOX Strategy
Perks/benefits: Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.