Head of Third Party Risk Management – Cyber Security ResilienceJob no: 531836 Work type: Permanent Full Time Location: Sydney, Brisbane Categories: TechnologyThe Star Entertainment Group (TSEG) is a publicly listed company on the ASX. Our purpose is to create fun at trusted destinations and our aim is to deliver sustainable outcomes for our guests, our Team Members, the communities in which we exist and our shareholders. We do this by providing entertainment, gaming, and leisure experiences in a safe, responsible, and ethical way. We will do this by embedding our values to lead the organisation with a focus on safer gambling and good business practices.As our Head of Third Party Risk Management reporting to the Chief Information Security Officer, you will be responsible for building and leading a comprehensive program that safeguards the organisation from security vulnerabilities associated with third-party vendors.This is a fantastic opportunity where you will be developing and implementing a vendor lifecycle management process with robust security practices, overseeing assessments of third-party security posture, and establishing clear contractual obligations for data security and incident disclosure.A few of your responsibilities: Lead the development and implementation of a comprehensive TPRM encompassing vendor lifecycle management, security risk assessments, contractual obligations, and ongoing program improvement.Collaborate with key stakeholders across the organisation to understand security requirements for different third-party relationships and define clear guidelines governing those engagements (data security, incident response, regulatory compliance).Stay up to date on evolving cyber threats, industry best practices, and regulatory requirements for TPRM.Develop and implement a vendor lifecycle management program that integrates cybersecurity best practices throughout the engagement process (onboarding, ongoing monitoring, offboarding).Oversee the development and implementation of a standardised approach for evaluating third-party security posture, including reviewing security questionnaires, independent certifications (SOC II, ISO 27001, PCI DSS), penetration tests & vulnerability assessments.What we are looking for: Minimum 5-7 years of experience in third-party risk management or a related role.Proven track record of developing and implementing successful third-party security risk management programs.Strong understanding of cybersecurity best practices and frameworks (e.g., NIST CSF, ISO 27001).Excellent analytical and problem-solving skills.Experience in contract management and vendor relationship management is a plus.About you: You have a strong background in managing third-party relationships and building solid connections with multiple organisations and stakeholders. Additionally, you possess deep expertise in managing cyber threats, ensuring robust security measures are in place to protect organisational assets.Your role will be pivotal in driving impactful outcomes and shaping future solutions by improving the effectiveness of the third-party risk management program, identifying opportunities for optimisation and automation.What we can offer you: Complimentary meal on site every day including hot meals, sandwich bar and more.Flexible working arrangementsUp to 30% discounts across award winning restaurants and accommodationAn organisation that values diversity, teamwork and being your best self.Diversity & Inclusion areas of focus including Multicultural, Gender, Aboriginal & Torres Strait islander and LGBTQI+Extraordinary growth opportunities personally and professionallyOpportunity to work with elite professionals and assetsPlease be aware that eligibility checks are required as part of the recruitment process and ongoing employment for this position. Our culture: Each team member is expected to champion The Star's Purpose, Values, and Principles (PVP), which serve as the cornerstone of The Star's culture.We welcome applications from all cultures, ages, religions, genders, LGBTQI+ people, Australia's First Nations Peoples, and people with disabilities.The Star was awarded WGEA Employer of Citation for Gender Equality (2022-24) and has been recognised as a 2024 GOLD Employer by the Australian Workplace Equality Index (AWEI), which evaluates LGBTQI+ inclusiveness in the workplace.It's your time to SHINE!Advertised: 12 Nov 2024 AUS Eastern Daylight TimeApplications close: 26 Nov 2024 AUS Eastern Daylight Time#J-18808-Ljbffr