Information Security Analyst - Third Party Risk & Controls Testing
About the job
The Information Security Analyst – Third Party Risk & Controls Testing at Challenger Limited is a dynamic opportunity to manage and mitigate information security risks across a complex third-party ecosystem. This role plays a crucial part in ensuring that external partners meet Challenger’s security standards and supports regulatory compliance. The IT Risk & Security team values collaboration and flexibility, working together to create a secure environment for all.
You'll be responsible for
🔍
Managing third-party risk
Assessing vendor security practices, conducting gap analyses, and driving governance improvements using frameworks like ISO27001, NIST, and CIS.⚙️
Building controls testing maturity
Helping to build maturity in the internal controls testing program, linking findings to risks and supporting the rollout of the new GRC system, Archer.🚨
Contributing to incident response
Participating in incident investigations involving third parties and ensuring compliance with internal policies and external regulations.Key criteria
🔍
Information security experience
Demonstrated experience in information security within financial services.View
📊
Third-party risk management knowledge
Understanding of TPRM principles and practices.View
🛡️
Familiarity with control frameworks
Experience with ISO27001, NIST, SOC 1 & 2 standards.View
View more
