Challenger1 follower16 jobs

Information Security Analyst - Third Party Risk & Controls Testing

Mid levelFull-timeHybridNew South Wales, AustraliaInformation technologyRisk management and complianceCybersecurityPosted 3 months ago
View your fit0 of 9 criteria met

About the job

The Information Security Analyst – Third Party Risk & Controls Testing at Challenger Limited is a dynamic opportunity to manage and mitigate information security risks across a complex third-party ecosystem. This role plays a crucial part in ensuring that external partners meet Challenger’s security standards and supports regulatory compliance. The IT Risk & Security team values collaboration and flexibility, working together to create a secure environment for all.

You'll be responsible for

🔍

Managing third-party risk

Assessing vendor security practices, conducting gap analyses, and driving governance improvements using frameworks like ISO27001, NIST, and CIS.
⚙️

Building controls testing maturity

Helping to build maturity in the internal controls testing program, linking findings to risks and supporting the rollout of the new GRC system, Archer.
🚨

Contributing to incident response

Participating in incident investigations involving third parties and ensuring compliance with internal policies and external regulations.

Skills you'll need

🔒

Information security

A solid foundation in information security principles and practices, particularly in relation to third-party risk management.
🤝

Third-party risk management

Understanding of third-party risk management principles and practices, ensuring compliance and governance across external partners.
🛡️

Controls testing

Ability to support a controls testing program, assessing design and operating effectiveness, and reporting on control maturity.
View more

Meet the team

About the company

View your fit

0 of 5 criteria met
Information security experience
Demonstrated experience in information security within financial services.

View

Third-party risk management knowledge
Understanding of TPRM principles and practices.

View

Familiarity with control frameworks
Experience with ISO27001, NIST, SOC 1 & 2 standards.

View

Exposure to APRA regulations
Knowledge of CPS230 and CPS234 related to third-party risk.

View

Strong communication skills
Ability to engage stakeholders and ensure alignment.

View

A meaningful career starts with a match

  • Explore
    • Jobs
    • Companies
    • People
    • Hatch Hotlist 2025
  • Hiring
    • Permanent hires
    • Hatch Placements
  • Resources
    • Blog
    • Community stories
    • Career advice
    • Customer stories
    • Help centre
  • Hatch
    • About
    • Careers
    • Contact
    • Hatch updates
    • Media enquiries
  • © 2025 Hatch
  • Privacy
  • Terms

Similar jobs

View all
ANZ
ANZ
Information Security Manager - 12 Month Fixed-Term ContractMelbourne, VIC · Contract
The Information Security Manager at ANZ is a vital position that leads the development and management of the information security program for ANZ Staff Super. This job plays a crucial role in ensuring compliance with CPS 234 and aligning with best practices in information security. The team values collaboration and innovation, working together to protect customer data and enhance financial wellbeing.
Alinta Energy
Alinta Energy
Geospatial Information Systems (GIS) AnalystSydney, NSW · Full-time
Join Alinta Energy as a GIS Analyst and embark on an exciting journey working on major renewable energy projects across the East Coast. This job offers a fantastic opportunity to make a real impact by managing and analyzing spatial data that drives business decisions. The team thrives in a fast-paced, collaborative environment, valuing flexibility and innovation while working towards a sustainable energy future.
Alinta Energy
Alinta Energy
Geospatial Information Systems (GIS) AnalystMelbourne, VIC · Full-time
Join Alinta Energy as a GIS Analyst and play a vital role in shaping the future of renewable energy projects across the East Coast. This position offers an exciting opportunity to manage and analyse spatial data, ensuring that high-quality geospatial insights inform critical business decisions. The team thrives in a collaborative and flexible environment, where your contributions will be valued and impactful.
Deel
Deel
Information Security Analyst, SecOpsAustralia · Full-time
Deel is seeking an Information Security Analyst to join their dynamic team and play a crucial role in safeguarding the company's information assets and data. This job offers an exciting opportunity to tackle complex challenges that impact millions of working lives while contributing to a diverse and inclusive global economy. The team thrives on collaboration and continuous learning, ensuring that everyone is empowered to drive meaningful impact together.