Manager, Third Party Technology & Cyber Risk

• Join us in shaping the future of the insurance industry, driven by innovation and a 150-year legacy of protecting people
• Work with experienced and skilled colleagues who support and inspire one another to achieve collective success 
• Enjoy benefits such as discounted insurance, health and well-being programs, and a range of employee benefits to support your lifestyle

Welcome to TAL. As a leading life insurer, we’ve been protecting Australians for over 150 years. Backed by Daiichi Life, we're driven by big ambitions and empower to create better products and services. 

Together with our Partners, we’re helping millions of Australians live a life filled with choices, options, and freedoms. See the direct impact you make delivering support and financial security with care and expertise. Grow beyond expectations with diverse roles, global connections, and exclusive learning opportunities. 

Work with passionate, bright and capable colleagues. Feel inspired by supportive leaders. Collaborate with heart, where flexibility, wellbeing and inclusivity is valued. Together, we're reimagining insurance. 

So, bring a curious mind and an ambition to help us become the progressive, digitally enabled leading insurer. 

The Manager is part of the Third-Party Tech & Cyber Risk team within the Technology & Cyber Risk function in the
Technology Business Unit. The role leads partner-facing technology and information security assurance activities, including coordinating responses to business partner requests, maintaining partner assurance artefacts, and supporting periodic assurance and reporting.

The role also supports delivery of TAL’s third-party technology risk and cyber security management approach, including embedding relevant technology and cyber contractual clauses and governance expectations. This role is accountable for maintaining and continuously improving relevant frameworks, policies, practices and controls to ensure TAL’s risk posture remains within appetite.

In this role you will:

• Engage and coordinate across Technology, Risk, Legal, Procurement and Partnerships to provide consistent information on TAL’s control posture and risk management approach.
• Support response to technology and information security assurance queries from business partners ensuring responses are timely, accurate, and aligned to TAL’s internal technology & cyber control environment.
• Review and interpret independent assurance artefacts (e.g., SOC reports, ISO certifications) and translate outcomes into clear positions and control summaries.
• Produce concise reporting for Technology leadership / ELT on partner assurance demand, key themes and emerging risks, partner-impacting issues, and remediation progress, including escalations where commitments may be at risk.
• Plan and execute targeted internal control deep dives (design and operating effectiveness) over selected technology/cyber controls to validate partner commitments and strengthen confidence in assurance responses.
• Assist with the uplift and maintenance of partner-facing technology and cyber clauses to align with TAL’s regulatory obligations and evolving threat environment, in collaboration with Legal, Risk and Technology stakeholders.

• Bachelor’s degree in Information Technology, Cybersecurity, Risk, Audit, Finance, or related discipline; relevant certifications such as CISM/CRISC/CISSP (or equivalent) preferred.
• 3+ years experience (recommendation for manager level) in Technology Risk, Cybersecurity, Controls
  Assurance/Internal Audit, Third-Party Risk, or GRC, with demonstrated ownership of deliverables and stakeholder management across Technology and business teams.
• Demonstrated experience performing control testing (design & operating effectiveness), including defining test steps, evidence requirements, sampling approaches, documenting workpapers, and driving remediation actions to closure.
• Strong working knowledge of APRA CPS 230 / CPS 234 and how these translate into practical governance, assurance expectations, evidence standards, and contractual obligations.
• Hands-on experience reviewing and interpreting industry assurance artefacts (e.g., SOC reports, ISO 27001 certification/SoA, and related third-party attestations) and converting them into clear assurance positions for stakeholders/partners.
• Familiarity with commonly used security/control frameworks and regulatory considerations (e.g., ISO 27001, NIST CSF, Privacy Act, SOCI, and where relevant SOX-type control principles).

TAL is one of Australia’s leading life insurers, committed to inclusion, and supporting the career growth of our diverse workforce. We’re proud to be:  

• An Inclusive Employer – Recognised as Employer of Choice for Gender Equality by the Workplace Gender Equality Agency and Bronze Tier Status within the Australian Workplace Equality Index  
• Diversity Champions – Member of Diversity Council Australia, Australian Disability Network, Pride in Diversity and Champions of Change  
• Reconciliation Advocates – Read our Innovate Reconciliation Action Plan. 
• We welcome applications from people with diverse experiences, perspectives and backgrounds including Aboriginal and Torres Strait Islander people, caregivers, individuals living with disabilities, people from culturally diverse backgrounds and the LGBTIQ+ community.  
• Need adjustments during the recruitment process? Let our team know by getting in touch with us here.—we’re here to support you. 

You’re always accountable for your actions. You never give up. You strive to find the best outcomes for customers and partners. And you value working together to find the best solutions for problems.   

As part of the recruitment process, there are several checks which may be conducted to demonstrate your eligibility for a role at TAL including Criminal History, Bankruptcy, Entitlement to Work, Regulatory and Reference Checks.  

#LI-Hybrid  

Everyone at TAL has a responsibility to do the right thing and is accountable for the way they conduct themselves. Our expectations are that you follow the principles set out in our Code of Conduct when you come to work every day. Risk management is everyone’s responsibility.

If you are already a TAL employee please apply via the SmartRecruiters button in Workday and navigate to the Employee Portal. This is important to ensure that your application is recorded accurately.