Cyber Risk Analyst (Third-Party Risk)

Primary DetailsTime Type: Full time

Worker Type: Employee

The purpose of this role is to support transformational change in Cyber and information security risk management within the core business, 3rd party suppliers, programs, and projects at QBE. This role is part of a Group Cyber Security team responsible for safeguarding the company from sophisticated cyber threats, requiring deep technical knowledge and a collaborative approach to deliver strategic business outcomes.

Primary Responsibilities:

• Conduct ongoing monitoring of third-party risk and performance.
• Assist in the implementation and execution of third-party risk management programs.
• Support the identification and evaluation of third-party cyber risks associated with suppliers/vendors.
• Conduct assessments of third-party vendors' security controls and policies.
• Maintain accurate and up-to-date documentation related to third-party cyber risk management activities.
• Assist in the creation of risk reports and metrics.
• Participate in cross-functional teams to support the implementation of risk management strategies.
• Provide assistance in the conduct of audits and assessments relevant to third-party cyber risk management.
• Keep QBE up to date with emerging threats and trends related to third-party cyber risk management.

Required Education:

• Bachelor's Degree or equivalent combination of education and work experience

Required Experience:

• One to two years of experience in cybersecurity, risk management, or a related field (for an entry-level position).

Preferred Competencies/Skills

• Demonstrated knowledge of relevant security frameworks, standards, requirements, and laws such as ISO 27001, PCI DSS, APRA CPS 234, NIST CSF, etc.
• Familiarity with third-party risk management principles, processes, and methodologies.
• Understanding of cybersecurity risk management principles and methodologies.
• Ability to assess and analyse vendor risk and compliance documentation.
• Strong analytical and problem-solving skills.
• Excellent verbal and written communication skills.
• Ability to work collaboratively with internal and external stakeholders.
• Knowledge of the cybersecurity threat landscape and emerging trends.

Skills:

Analytical Thinking, Conflict Management, Critical Thinking, Customer Service, Cyber Security Governance, Financial Systems, Individual Resilience, Intentional collaboration, Managing performance, Problem Solving, Risk Management, Security Monitoring, Team Management, Threat Mitigation, Vulnerability Management

How to Apply:

To submit your application, click "Apply" and follow the step by step process.

Equal Employment Opportunity:

QBE is an equal opportunity employer and is required to comply with equal employment opportunity legislation in each jurisdiction it operates.