Company Logo

Senior Security Risk Analyst

TABCORP

Job Description

Tabcorp is famous for winning moments. Behind (almost) all of them is great tech and talented teams of developers, architects, project managers and support experts. Together, we make sure systems and infrastructure can handle thousands of bets every second. 

The Information Security team helps protect Tabcorp’s critical business environment and this role plays a key part in managing information and cyber security risk of the business. This role will lead security risk management in Tabcorp and will report directly to the Deputy Chief Information Security Officer.

What you’ll do

  • Provide specialist advice to business stakeholders on compliance and adherence to cybersecurity policies, standards, and guidelines
  • You will work closely with Information Security, Chief Risk Office and Technology Risk teams to manage and report on the identification and analysis of security risks and their associated mitigating controls.
  • You will leverage your expertise with security risk management and contribute significantly to the continuous improvement of  information security risk posture of Tabcorp.
  • You will help maintain security risk registers, develop risk assessments and monitor mitigation plans and actions to ensure timely and effective delivery, so the benefits of technology come to life, always with a focus on delighting our customers.
  • You will help us drive new thinking in security risk management by taking a security risk quantification view through risk reporting (including committee and board reports and dashboards) and help us uplift how we identify, manage and report on security risks. Your risk work will also help inform the organisation’s security strategy.

This is a newly revised role in the organisation with the opportunity to stamp your mark and work with a highly experienced CISO and security team.

What you’ll bring

  • Very strong stakeholder engagement and management skills – this role will work with numerous stakeholders across the organisation to facilitate and report on security risk
  • Experience in large-scale complex, diverse and distributed IT operations environment, as well as technology and security controls and developing & implementation of risk mitigation plans
  • Excellent communication skills including experience developing Board and Executive committee reports
  • A passion to drive new ways of working and continuous improvement to our security measurement and reporting, and security risk management
  • Skilled in development and implementation of security risk mitigation & compliance plans
  • Experience in complex networks and highly regulated environments
  • Demonstrated ability to synthesise, present and communicate security and technical information in business language to business, management, executives, and the Board
  • Familiarity with modern technologies and security approaches i.e. cloud security technologies, automation, digital, as well as broader transformation experience in reorganisation and optimising of technology risk and a security organisation
  • A proven track record in applying contemporary practices to deliver measurable improvements to an enterprise’s security and compliance posture
  • Proven experience in developing and maintaining strong relationships with internal and external teams
  • Change management mindset with the ability to adapt as the business changes
  • Experience managing and bringing out the best performance in virtual team members
  • Experience with wide and narrow scope risk assessments and familiarity with published security standards including ISO 27001, NIST CSF and PCI DSS

Nice to Have

You might also have these skills and if you do, it will help you hit the ground running:

  • Ability to design and create digital reporting dashboards (e.g., PowerBI)
  • Exposure to the World Lotteries Association (WLA) standards
  • One of the following certifications: Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC)

 

All our people have the option to take advantage of flexible working, leadership and career development, plus community programs and volunteer days.

About Tabcorp

We’re Australia’s largest gambling entertainment company. Together, we build on our 100+ year heritage by delivering Excitement with Integrity, every day. Each one of us is here to put our customers at the heart of everything we do by creating moments that engage, surprise and thrill.

Our 4,500+ strong team is as diverse as Australia itself. Our people drive homegrown world-class brands; Tatts, TAB, NSW Lotteries, Golden Casket, SA Lotteries, Keno, Sky Racing, Sky Sports Radio and MAX. As an ASX listed company we’re proud to shape our industry for the better. Because together, anything’s possible.

Tabcorp is committed to creating an inclusive workplace where all our people feel valued for their unique qualities and have a sense of belonging. If you need assistance or adjustments to fully participate in the application process, please contact tabcorprecruitment@tabcorp.com.au

COVID-19

Tabcorp supports the Department of Health COVIDsafe App and encourages all employees to download whilst at work. Tabcorp is closely monitoring Department of Health guidelines to ensure we continue to provide a safe working environment.