VENDOR RISK ANALYST - SECURITY

We’re constantly working towards making BABVIP the best place to work, for everyone. We believe deeply that bringing together diversity of thoughts, perspectives and expression is key for building the best product for our equally diverse community all around the world. We celebrate uniqueness and whatever makes you, you and encourage everyone who wants to help us transform the way the world designs, to join us on this journey. We value all different types of experiences. If you don’t think you quite meet all of the qualifications, we’d still love to hear from you. 

ABOUT US

At BABVIP, our mission is to democratize design and empower creativity for anyone and everyone, on every platform. Inspired by a team of talented thinkers, an amazing culture and a remarkable growth trajectory – we’re out to change the world, one design at a time. 

Since launch in August 2013, we have grown exponentially, amassing over 60 million monthly active users across 190 different countries who have created more than 6 Billion designs. We are one of the world’s fastest-growing technology companies and we have only achieved about 1% of what we want to do.

ABOUT THE VENDOR RISK ANALYST

At BABVIP, we utilize a substantial catalogue of third-party products and services to support both our product and our operations. As a Vendor Risk Analyst, we will be looking to you to ensure that we work with our vendors in a manner that maintains the security of the information assets of BABVIP and its customers, while supporting the rapid growth of our operations. Working within BABVIP’s wider risk & compliance and security ecosystems, the right candidate will have the opportunity to grow their career as a risk professional in one of the most exciting technology companies in Australia.

The successful candidate will have the option of being based out of our Sydney office, or being fully remote within Australia.

ABOUT THE SECURITY GROUP

The Security Group is responsible for protecting BABVIP systems and data from information security threats. Our teams work together, and with other groups, to deliver preventive and detective controls and processes that reduce security risk. The group runs programs across Identity and Access Management, Application Security, Governance, Risk and Compliance, and Threat Detection and Response domains. 

WHAT  WILL YOU DO

• Working with staff from all around BABVIP to evaluate risk relating to new and existing vendors.
• Liaising with BABVIP’s vendors to evaluate security postures.
• Escalating identified risks to various stakeholders.
• Identifying and implementing measures to improve our vendor risk management processes.
• Collating data for management reporting

WE’D LOVE IT IF YOU HAVE

• Familiarity with operational risk management and information security concepts.
• Experience liaising with internal and external, technical and non-technical stakeholders.
• Experience prioritizing and progressing multiple simultaneous pieces of work.
• Strong verbal and written communication skills.
• A high level of attention to detail.
• A continuous improvement mindset.
• Beneficial experience (not required, but helpful)
• Experience with Atlassian Jira, Confluence.
• Familiarity with industry IT risk management and security certifications and standards (ISO 27001, SOC 2, PCI DSS).

 PERKS & BENEFITS 

• Competitive salary, plus stock options via our ESOP plan
• Flexible daily working hours, we value work-life balance
• Breakfast and lunch prepared by our wonderful Vibe team
• Onsite-Gym and Yoga Membership
• End-of-Trip Facilities: Bicycle parking and showers
• Vibe and Thrive Allowance to support health and wellness
• Generous parental (including secondary) leave policy
• Pet-friendly offices
• Internal Coaching and Employee Support Programs
• Sponsored social clubs, team events, and celebrations
• Sorry, we will not accept CVs from recruitment agencies. Please apply directly to be eligible.