Job Description
Full working rights in AU required
(No sponsorship available)
The role
Lead an established TPRM function at a large, highly regulated Australian organisation. You'll manage a team of 3 and focus on uplifting and streamlining the existing framework (not building from scratch).
Your job is to apply the spirit of CPS 230, not just tick compliance boxes.
Why you'll love working here
Health sorted: Subsidised private health insurance, mental health support through EAP, fitness programs, and preventative health checks.
Flexibility that works: Hybrid setup, purchased leave options, additional wellbeing days, and support for life events (because life happens).
Career growth: Learning platforms, development opportunities, and genuine internal mobility.
Actually supportive culture: Employee networks, inclusive leadership, and a people-first approach that's not just on posters.
What you'll do
Lead and evolve the TPRM framework aligned to APRA CPS 220 / CPS 230
Perform and oversee third-party risk assessments: SOC 2 reviews, on-site/remote MSP testing, security control assessments
Drive practical framework uplift
Lead and coach a team of 3
Partner with CISO, security, procurement, legal and compliance
Support incident response and regulatory engagement
What you need
Hands-on operational TPRM (you've done the work, not just overseen it)
Big 4 Australian bank experience (CBA, ANZ, NAB, Westpac)
CPS 220/230 implementation (Material Service Provider assessments, uplift programs)
Control testing at vendor sites (SOC 2 reviews, gap mapping, on-site testing)
TPRM KRIs and metrics (you can explain how you measure third-party risk)
Clear, concise communication (no rambling)
What sets you apart
This role needs someone who's done the work, not just managed it:
Operational TPRM practitioners, not framework theorists
Hands-on control testing at vendor sites, not Line 2 assurance oversight
Big 4 Australian bank background (consulting alone won't cut it)
Can clearly articulate TPRM KRIs without waffling
Why this role
Established team with real mandate to improve
High-impact role with executive visibility
Focus on practical outcomes, not bureaucracy
Purchased leave options and wellbeing days
Access to learning platforms and career development
Supportive, people-first culture with employee networks
Ready to Apply?
Don't miss this opportunity! Apply now and join our team.
Job Details
Posted Date: February 15, 2026
Job Type: Business
Location: Australia
Company: Decipher Bureau