Cyber Risk Analyst

Location: Sydney, New South Wales, Australia
Salary: AU$110000 - AU$135000 per annum + Additional Benefits
Job Type: Permanent
Apply for this Job

Reporting to the Global Cyber Governance and Risk Manager, the role will support the continuous improvement and administration of our third party cyber security risk posture.

The key objective for this role is to assist in tracking and analysing the cyber security risks of third parties utilised by the client and their entities. This is a business facing role, supporting multiple stakeholders to help ensure CPS 234 in relation to third parties is appropriately embedded in the client's engagement with third parties.


  • Perform analysis of the cyber and resilience risks associated with potential and existing third party suppliers and related parties that support the business
  • Manage the classification and tiering of third party suppliers
  • Administer third party cyber assessment software
  • Maintain a current inventory of third party providers (including their respective cyber risk)
  • Contribute to the continuous uplift of supplier cyber management capability
  • Collaborate effectively with Procurement, Legal, and Risk & Compliance Community on risks associated with third and related parties
  • Track key cyber security third party assessment metrics and generate reports to monitor the effectiveness of the third party program
  • Provide useful insights to the Cyber Governance and Risk Manager (Third Party Risk) and support the broader Cyber Strategy
  • Assisting with third party supplier awareness, communication and training campaigns
  • Assisting in maturing the third party cyber policies, standards and procedures owned by the team and helping to embed these across the organisation
  • Ensure all stakeholders are clear on the status of third party cyber security Initiatives, as required


  • Experience with third party cyber risk management or similar
  • Ability to manage multiple problems at once and prioritise issue
  • Strong customer service focus with a confidence to engage with internal and external stakeholders
  • Broad knowledge of major trends in relation to third party supplier risk and regulatory requirements, including APRA CPS234
  • Tertiary qualifications and CISSP, CIA, or CISM designations preferred

If interested please call Matthew on 0282512110 or apply directly with an MS Word formatted CV.

Sthree Australia is acting as an Employment Agency in relation to this vacancy.

Apply for this Job