Senior Security Risk Assessment Specialist

The Information Technology IT team plays a key role in providing business enablement throughout ResMed We are focused on application infrastructure and user productivity solutions with innovation efficiency and security Our goal is providing customer oriented agile delivery effective business partnership and state-of-the-art technology solutions About the Role This global role within Resmed s Enterprise Security Group is responsible for ensuring the confidentiality integrity and availability of Resmed s information assets and computing infrastructure We are seeking a seasoned and proactive Senior Information Security Specialist to lead security risk assessments across cloud environments third-party vendor solutions and AI ML-enabled products The successful candidate will demonstrate strong technical expertise risk analysis capabilities and communication skills to engage independently with project teams advise on secure design principles and deliver high-quality reports that inform business decisions and support audit readiness This position requires close collaboration with enterprise security leadership business stakeholders and technical teams across diverse time zones and cultures to ensure alignment between security strategy and organizational objectives Let s talk about Responsibilities Lead security engagement across global projects ensuring alignment of security practices with business and technical goals Conduct end-to-end security risk assessments for cloud-native and hybrid deployments including architecture and control reviews for new implementations and managed services Evaluate third-party SaaS PaaS IaaS products during onboarding and integration to ensure security and compliance requirements are met Lead security reviews of AI ML-based products focusing on secure product design guardrail enforcement and risk mitigation Collaborate with project managers product owners architects and developers to embed security throughout the SDLC Communicate security risks and mitigation strategies in business-relevant language Produce and maintain high-quality documentation including risk assessments security summaries and remediation recommendations Track risks and controls using GRC tools ensuring traceability and accountability Stay current with emerging technologies threats and best practices in information security Contribute to the continuous improvement of internal security frameworks and processes Let s talk about Qualifications and Experience Required 7 years in Information Security with at least 3 years in risk assessment or security advisory roles Proven ability to independently lead security reviews across diverse technologies Strong understanding of key security domains including Secure access Data encryption Application and Network security Data loss prevention Endpoint protection CSPM CASB PAM ZTNA Logging Monitoring Vulnerability management and Incident response Experience in evaluating AI ML systems from a security and ethical risk perspective Familiarity with third-party vendor risk management practices Working knowledge of frameworks such as ISO27001 NIST CSF CIS Controls and Benchmarks Exceptional verbal and written communication skills with a proven ability to produce concise and actionable reports Preferred Professional certifications such as CISSP CISM CCSP CRISC or AWS Security Specialty Familiarity with regulatory and industry compliance frameworks including ISO27001 SOC 2 GDPR HIPAA AI Risk Frameworks NIST AI RMF ISO IEC 42001 Experience in a healthcare or manufacturing environment LI-India Joining us is more than saying yes to making the world a healthier place It s discovering a career that s challenging supportive and inspiring Where a culture driven by excellence helps you not only meet your goals but also create new ones We focus on creating a diverse and inclusive culture encouraging individual expression in the workplace and thrive on the innovative ideas this generates If this sounds like the workplace for you apply now We commit to respond to every applicant