As the Cyber Security Assurance Analyst you will be responsible for assisting with vendor cybersecurity risk assessments of proposed initiatives and/or solutions and deliver the Cyber Security Risk Assessment.
- Third-party cybersecurity assessments to provide assurance over the complex vendor partner environment.
- Track the pipeline of third party cybersecurity assessments to drive delivery of the significant pipeline of work
- Perform this assessment and deliver the Cyber Security Risk Assessment Report that outlines the following:
- Business Context
- Data Security Context (Data Value, Storage Location, Access Locations, Who Has Access, Security Controls)
- Assets at Risk
- Threat Community
- Description of identified risks aligned in 4A IT Risk categories and including cause factors and potential business impact.
- Inherent risks
- Current Controls
- Overall Control Effectiveness
- Recommended Controls
- Residual risks and risks outside the threshold
- Risk Treatment Recommendations
- Risk Map
Ideally, you will have an understanding of current and emerging laws and regulations affecting the Australian financial sector.
Be experienced in cybersecurity frameworks, and understanding of risk and controls and best practices.
You will be comfortable with working autonomously, though do enjoy building a strong rapport with external vendors whilst working in a highly detailed environment.
With previous experience working in a cloud-based environment, you will pragmatic in your approach to risk assessments with the aim of optimising the balance between maximising potential gain and minimising potential losses for the business.
If this sounds like you please email firstname.lastname@example.org