We are seeking a highly skilled and motivated Cyber Security Specialist to join our National & Cyber Security office. This role focuses primarily on Supplier Security and involves a wide range of compliance and security governance functions. You will work closely with senior management and cross-functional teams to identify, assess, and mitigate risks associated with vendors and third-party relationships.
As part of the team, you will play a key role in the Optus Vendor Security Governance program, ensuring robust cybersecurity practices, risk assessments, and compliance across the organisation. You will also lead the transition of Third-Party Risk Management (TPRM) services and oversee the migration of related tools and processes.
The day to day
* Lead and manage the Optus Vendor Security Governance program across all business units.
* Support cybersecurity compliance activities and deliver management reports.
* Handle escalations, liaise with stakeholders, and ensure timely issue resolution.
* Oversee the transition and migration of TPRM services and tools, ensuring minimal disruption.
* Develop and implement plans for TPRM governance, including risk mitigation strategies.
* Collaborate with internal teams and external vendors to execute plans on time and within budget.
* Monitor remediation efforts and update relevant documentation and reports.
* Provide regular progress updates and risk status to senior management.
* Foster cross-team collaboration to refine and improve security practices.
* Build strong relationships with stakeholders across the business and externally.
What makes you a great fit?
* Degree in Computer Science, Information Technology, or equivalent (or relevant experience).
* CISSP accreditation.
* Strong understanding of vendor and third-party risks, with expertise in information security and cyber risks.
* Extensive experience in risk assessments, cybersecurity practices, and compliance management.
* Proven ability in project/program management, driving change, and delivering security solutions.
* Excellent stakeholder management and communication skills, with the ability to present complex information effectively.
* Solid knowledge of IT security standards and practices (e.g., PCI DSS, ISMS, OWASP, Australian Privacy Principles).
* Ability to work under pressure, focus on outcomes, and manage remediation efforts.
* Strong team player with a proactive and collaborative approach to problem-solving.