AddressWe’ve only just begun, but what a beginning. In a once in a generation moment, we’ve brought together powerful brands to create one united force. TPG Telecom has a powerhouse of brands which include Vodafone, TPG, iiNet, Internode, Lebara, AAPT and felix. The latest technology and brave thinking let us connect our people and communities. You could play a role in that. A big one. We invite you to bring your boldness and stand out. You are empowered. Opportunities are plenty for those ready to accept the challenge.
This opportunity
As a TechnologySecurity Compliance Assessor, your role is crucial in ensuring that TPG Telecom adheres to regulatory requirements, industry standards, and internal policies related to information security. You will be working closely with the Senior Compliance Manager, IT teams, and other stakeholders to monitor, evaluate and improve the organisation’s security practices and compliance posture.
You will assist in formulating, implementing and maintaining compliance management plan to assess and evaluate compliance to TPG’s policies and procedures, relevant regulatory requirements as well as applicable industry standards such as Payment Card Industry Date Security Standards (PCI DSS) and ISO 27001. You will also assist in identifying and managing third party related risks, following up on risk mitigation actions with relevant internal stakeholders as well as maintaining up-to date third party risks.
Responsibilities
- Establish, build and maintain strong relationships with business units across different domains within TPG Telecom, ensuring effective collaboration.
- Co-ordinate and facilitate external compliance assessment in relation to applicable regulatory, industry standards (ISO 27001/PCI DSS) requirements.
- Communicate information Security Compliance priorities across the organisation and plan, co-ordinate, monitor and report on the status of key priorities.
- Communicate information Security Compliance requirements and expectations to relevant stakeholders, provide guidance and respond to inquiries on information Security Compliance-related obligations.
- Collaborate with stakeholders to conduct regular compliance assessments to evaluate the organisation's adherence to security standards, regulations, and internal policies. This involves reviewing processes, procedures, and practices within the organisation to identify any areas of non-compliance.
- Collaborate with other departments to identify and assess potential information Security Compliance risks and vulnerabilities.
- Assist in developing risk mitigation strategies, controls, and procedures to minimise our exposure to compliance-related risks.
- Monitor and analyse changes in relevant laws, regulations, industry standards and information security accreditation requirements to ensure ongoing compliance.
- Participate in risk assessments and vulnerability assessments to identify security gaps and recommend appropriate controls.
Knowledge and experience
- Experience in ISO 27001 and other information security risk management frameworks
- Skilled in facilitating internal/external audits, workshops and user awareness sessions.
- Strong understanding of information Security Compliance frameworks and methodologies, including the ability to interpret and apply regulatory requirements to organizational policies and procedures.
- Thorough understanding of information security controls.
- Excellent communication and report writing abilities.
- Previous exposure to PCI DSS framework is advantageous.
Benefits and perks
- Flexible hybrid way of working (from home and office)
- ‘Stay Connected Mobile’ – Access to a free mobile plan
- ‘Stay Connected NBN’ – Access to a free NBN 100 plan
- ‘Your Leave’ - an additional 4 days of leave to be used whenever you like - every year
- Access to TPG Learning Hub platform and internal development opportunities
- Access to Corporate Partner Discounts
Bolder and better together!
Don’t meet every single requirement? We're ok with that. Studies have shown that women and those of underrepresented groups are less likely to apply for roles unless they meet every single criteria. At TPG Telecom we recognise that what may make you different, makes the difference!
We’re all about enabling every individual to be their authentic selves and creating a place where everybody belongs. If you are excited about this role, but your experience doesn’t align perfectly with every qualification in the job description, we encourage you to APPLY NOW regardless. You may just be the right candidate for this or perhaps another similar role with us.
We are a 2024 Circle Back Initiative Employer – we commit to respond to every applicant.
Our Talent Acquisition Team and Hiring Managers kindly request no unsolicited resumes or approaches from Recruitment Agencies. TPG Telecom is not responsible for any fees related to unsolicited resumes.
#LI-Hybrid
