Third Party Risk Management Specialist

The Star Entertainment Group (TSEG) is a publicly listed company on the ASX. Our purpose is to create fun at trusted destinations and our aim is to deliver sustainable outcomes for our guests, our Team Members, the communities in which we exist and our shareholders. We do this by providing entertainment, gaming, and leisure experiences in a safe, responsible, and ethical way. We will do this by embedding our values to lead the organisation with a focus on safer gambling and good business practices.

Our properties across Brisbane, the Gold Coast and Sydney are world-class with many award-winning hotels, restaurants, bars, and entertainment venues.

As our Third Party Risk Management Specialist reporting to the Head of Third Party Risk Management, you will be responsible for ensuring that an organisation effectively manages risks associated with its third-party relationships. This involves conducting thorough risk assessments of vendors and partners, continuous monitoring to identify and mitigate potential risks, and ensuring compliance with relevant regulations and industry standards

This is a fantastic opportunity where you will implement best practices and innovative solutions to improve risk management processes is also a key aspect of this position.

A few of your responsibilities:

• Conduct security assessments of third-party vendors, including reviewing security questionnaires, certifications (e.g., SOC 2, ISO 27001), and penetration test results.
• Maintain and update the third-party inventory, ensuring accurate records of vendors with access to systems or sensitive data.
• Work closely with internal teams (e.g., Cyber Awareness & Training, IT, Legal) to promote secure third-party engagement practices.
• Assist in the development and implementation of long-term internal platforms and processes for managing third-party risk
• Support the onboarding, monitoring, and offboarding processes by ensuring third-party engagements align with internal security standards and regulatory requirements
• Contribute to the development and delivery of awareness materials and training sessions related to third-party risk.

What we are looking for:

• Minimum 10-12 years of experience in third-party risk management or a related role.
• Proven track record of developing and implementing successful third-party security risk management programs and experience with Third Party Risk Management tools.
• Bachelor's degree in Information Security, Risk Management, or a related field (minimum).
• Strong communication, collaboration, and negotiation skills.
• Experience in contract management and vendor relationship management is a plus.

Demonstrates foundational knowledge of the NIST Cybersecurity Framework and SOC 2 compliance standards.

About you:

You are a detail-oriented Third Party Risk Management Specialist with a strong understanding of risk frameworks and regulatory compliance. You thrive in fast-paced environments and work effectively within collaborative teams.

Your role will be pivotal in driving impactful outcomes and shaping future solutions by assessing vendor risks, ensuring due diligence, and supporting organisational resilience