Third Party Cyber Risk Analyst
Surry Hills, Australia
Endeavour Group
Endeavour Group is Australia’s largest retail drinks network & portfolio of licensed hotels. Find nformation for employees, community, investors, suppliers & industryCompany Description
Let’s create a more sociable future together
At Endeavour, we’re totally into what we do. With a portfolio that includes Dan Murphy’s, BWS, ALH Hotels, Pinnacle Drinks and more, we love to bring people together. Together we share our passion for our products and industry; it’s what inspires us to dream big, and continue to create new experiences for our customers and teams across Australia. If you thrive on positive energy, we want to meet you!
Job Description
- Bring your passion and feel the energy
- Flexible working
- Group discounts
We are seeking an experienced Third-Party Cyber Risk Analyst to join our Cybersecurity team. This role is crucial in ensuring the security and integrity of our organization by assessing and mitigating the cybersecurity risks associated with our third-party vendors, partners, and service providers. The ideal candidate will possess deep expertise in third-party risk management, a strong understanding of cybersecurity frameworks, and the ability to evaluate and negotiate security requirements with external parties.
Sound good? Read on.
Here is a taster of what you can expect in this role:
Third-Party Risk Assessment:
Lead comprehensive cyber risk assessments of third-party vendors, identifying potential vulnerabilities and security weaknesses.
Develop and enforce due diligence processes for key third-party vendors, ensuring alignment with organizational security standards.
Review security certifications, audits, and penetration test results from vendors to ensure ongoing compliance with regulatory and internal standards.
Incident Response & Escalation:
Participate in incident response efforts involving third-party security incidents or breaches.
Act as the point of contact for third-party-related security incidents and work closely with the internal cybersecurity team to resolve them.
Escalate unresolved third-party risks and incidents to senior leadership, as necessary.
Vendor Risk Monitoring:
Continuously monitor third-party vendors for potential new or emerging cybersecurity risks.
Develop a robust framework for ongoing risk assessments and auditing of third-party vendors throughout the lifecycle of the relationship.
Qualifications
Now let’s talk about you:
Bachelor's degree in Computer Science, Information Technology, or a related field.
5+ years of experience in cybersecurity, with at least 3 years focused on third-party cyber risk management.
Demonstrated experience in conducting third-party risk assessments, vendor security audits, and managing third-party security incidents.
Strong understanding of cybersecurity frameworks, standards, and best practices (e.g., NIST, ISO 27001, SOC 2).
Expertise in managing risks related to third-party relationships, including cloud providers, software vendors, and outsourcing partners.
Excellent analytical and problem-solving skills with the ability to identify security weaknesses and propose effective mitigation strategies.
Strong written and verbal communication skills, capable of interacting with senior leadership and external partners.
Ability to work independently, manage multiple tasks, and prioritize effectively in a fast-paced environment.
The benefits are good too!
- We offer flexible working in every sense
- An exclusive discount card for BWS, Dan Murphy’s, Woolworths, BIG W and other Endeavour Group brands, including our ALH pubs
- Monthly meeting-free days
- Your health and wellbeing is your most important asset, and as one of our valued team members, it’s our first priority. You will have a range of free services to help you live well and support your physical, mental and financial wellbeing
- Endeavour Group is full of opportunities - use our dedicated learning and development options to grow an idea, yourself, and your career. This is just the start, so dream big.
At Endeavour, we value being a workplace where everyone’s welcome - if you meet a number of the requirements (and not all), we encourage you to apply.
Additional Information
We are together creators
With a portfolio that includes Dan Murphy’s, BWS, ALH Hotels, Pinnacle Drinks and more, Endeavour Group is big on sociability. Together we create the moments that bring millions of people together. And together we have more fun, create more opportunities, and score a lot more goals. We’re serious about creating a safe, inclusive and fun place to rock up to where equal opportunity is key, and flexibility is part of how we roll.
We’re all about creating a more sociable future - for our customers and each other. If this job excites you - and you’re close-enough on the requirements, reach out, we’d love to hear from you.
You can learn more about working with us on LinkedIn or at endeavourgroupcareers.com.au.
Our Talent Team and Hiring Leaders kindly request no unsolicited resumes or approaches from Recruitment Agencies. Endeavour Group is not responsible for any fees related to unsolicited resumes.
#WeAreTogetherCreators #ComeAsYouAre #DreamBig #FeelTheEnergy #LeaveYourMark #EndeavourGroup
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Cloud Compliance Computer Science Incident response ISO 27001 Monitoring NIST Risk assessment Risk management SOC SOC 2 Vulnerabilities
Perks/benefits: Career development Equity / stock options Flex hours Health care Startup environment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.