Risk and Assurance Manager

Location Victoria
Discipline Cyber Security, Governance, Risk & Compliance
Job reference 163225
Salary Negotiable

I am working with a leading education institute in Melbourne CBD which is currently going through a growth phase and is looking to expand its internal team.

The purpose of the role:

The overall purpose of the Security and Risk Assurance Manager is to lead the delivery of cybersecurity governance, assurance, risk (including third-party risk management), and compliance programs and initiatives to help understand, measure, and manage my client's cyber-risk posture that underpins their strategic goals. This highly visible role will be key to establishing and enforcing strong security practices across their businesses and strategic programs, including defining key security indicators, policies, standards and processes.

Organisational Unit

My client's information technology infrastructure provides capability to support teaching, learning, research and administration. The Information Technology Services (ITS) department provides services in relation to networks, communications, computing platforms, data stores, desktop and mobile access, administrative enterprise systems, student learning environments, information security and IT risk management. The Director of their Cyber & Digital Networks provides strategic direction to the cybersecurity practices for enterprise systems in alignment with corporate risk management and IT controls framework. The ITS Security and Risk Assurance oversees the development, implementation and enforcement of a range of underlying security controls, governance and risk assurance capabilities whilst ensuring enablement of strategic digital and transformational objectives.

Key Accountabilities:


  • ITS Portfolio Risk Management
  • Enterprise Cyber and Technical Risk Advisory
  • Threat Model and Assessment
  • ISMS Development and Maintenance
  • Cyber Governance

The main skills for this role:


  • Strong understanding of security risks, governance and management reporting practices and standards including NIST, CSF, COBIT 5, ISO 2700x
  • Ability to display training and certifications aligned to IT security including CISA, CISSP, CISM.
  • Extensive experience in reviewing contracts to identify security risks of new solutions and cloud-based services.
  • 10+ years of experience working in ISM and/or related functions such as Security Manager, IT Risk Management or IT Audit.
  • Demonstrated experience in managing technical interactions as well as championing services in security advocate roles.

If you are looking for a career where you can use your experience to deliver real results, this is the one for you.

If you are interested in this role or would like to have a confidential discussion about this, or any other role, apply now.

Due to the large number of applications, only the successful candidates will be contacted.


Adrian Orleanski
Recruitment Consultant

ManpowerGroup is committed to being a Diversity Confident Recruiter and encourages applications from people from a diverse range of backgrounds, including people with a disability. Please indicate your preferred method of communication in your resume and please let us know if you require any reasonable adjustments should you be contacted for an interview.

Aboriginal and Torres Strait Islander people are encouraged to apply.

By submitting your resume and other personal information with this application you are consenting to this information being collected in line with our privacy policy. Follow the link to learn more - www.manpowergroup.com.au/privacy-policy

Experis Pty Ltd is a wholly owned subsidiary of ManpowerGroup

State: QLD, licensee/s Manpower Services (Australia) Pty Ltd, LHL-02026-D5L4Q. State: QLD, licensee/s Experis Pty Ltd, LHL-02014-Y5F6D. State: SA, licensee/s Manpower Services (Australia) Pty Ltd, LHS 288856