Own the day-to-day execution and continuous improvement of first line Third Party Risk Management and Enterprise Resiliency programs for Australia and New Zealand.
Serve as the primary point of contact to lead both programs across Australia and New Zealand, ensuring they are embedded in the business and kept current with regulatory obligations (including APRA CPS 230).
Work closely with local executives, business units, and global corporate functions, building strong working relationships across the organization.
Execute and manage the in-country first line Third Party Risk Management program in accordance with corporate policy, local regulatory requirements, and the risk profile of outsourced services.
Maintain and uplift the country-level third party inventory, ensuring third parties are risk-assessed through the internal CBRA tool prior to onboarding.
Track third party management issues and facilitate timely escalation where appropriate.
Implement local variations to enterprise processes and procedures where needed to ensure consistent in-country execution.
Socialize and embed third party risk policies across the business through training, briefings, and written updates to business unit management and corporate function stakeholders.
Provide regular reporting on third party issues, audit findings, outsourcing developments, and program status.
Coordinate completion of Modern Slavery attestations from the offshore third-party provider.
Execute and manage the in-country Enterprise Resiliency program in accordance with corporate policy and local regulatory requirements.
Review and maintain in-country resiliency policies and procedures, keeping them current and fit-for-purpose.
Lead the annual refresh of Business Impact Assessments (BIAs) and review the quality of Business Continuity Plans (BCPs) and Incident Management Plans (IMPs), escalating design issues to senior management and the global Enterprise Resiliency team.
Monitor progress of the BIA/BCP/IMP refresh cycle and escalate delays proactively.
Design and run local business continuity tests and exercises, and prepare periodic reporting on test results, program progress, and remediation status.
Maintain high-quality records across the Enterprise Resiliency system (ServiceNow) in accordance with global program standards.
Participate in Enterprise Resiliency governance meetings and support the remediation of identified issues.
Coordinate the annual resiliency training cycle and champion process improvement through collaboration with Enterprise Resiliency, Business, and Risk teams.
Requirements
Strong knowledge of Third Party Risk Management and Enterprise Resiliency standards, preferably within the insurance or financial services sector.
Experience in conducting third-party risk assessments in accordance with outsourced services.
Demonstrated experience in operational risk within the insurance or financial services sector, with a strong understanding of regulatory requirements such as CPS 230 (Operational Risk Management), associated APRA and ASIC expectations in Australia, and relevant New Zealand frameworks such as the RBNZ prudential regime.
Excellent communication skills, with the ability to present risk information to executive teams and ensure alignment of risk management priorities.
Results-oriented mindset that prioritizes activities and delivers to deadlines.
Proficiency in operational processes and metrics reporting.
Ability to collaborate with cross-functional teams and stakeholders.
Applicants must have valid rights to work in Australia as employer sponsorship is not available for this position.