Risk and Security Manager


Job Responsibility:

• Risk Champion for Corporate IT; leading, mentoring and coaching an extended team of risk champions across Corporate IT
• Design and execution of the Cyber Security and Technology Risk strategy across Corporate IT
• Work with IT teams to ensure adherence to Group Cyber Security and Risk & Compliance policy and frameworks
• Ensure that Corporate IT meets requirements of regulator / audit / governance committee deliverables, working with owners to meet quality and timeliness requirements
• Oversee the coordination and Corporate IT responses to Internal and External Audit engagements, working with owners to meet quality and timeliness requirements
• Consult into projects, initiatives and remediation activity acting as a risk SME providing advice and guidance as required
• Manage the Information Security Strategy and ensure alignment with the required Group IT governance standards as well as Corporate IT's goals and objectives
• Responsible for the continuous improvement of Corporate IT's cyber security governance model through framework alignment, controls definition and assessment, standards development, and compliance measurement.
• As a subject matter expert on cyber security best practice, you will provide consultative advice and governance over the first line's control activities.
• You will successfully collaborate with the Group IT Cybersecurity and Risk leadership teams to help define and drive the adoption of a cyber security control framework that allows for the continuous measurement and simplified reporting of control effectiveness.
• You will help define the appropriate oversight model and flow of information working closely with the control operators across Technology.

Technical capabilities of the role

Skill/ experience/ qualifications

• Minimum of 5 years' experience in security governance, operational risk management, IT audit, internal controls/risk management;
• Demonstrated competencies with Operational Risk activities within the Three Lines of Defence model.
• Best practice standards such NIST, COBIT 5, ISO27001 or ITIL and an understanding of regulatory compliance requirements such as CPS234
• Demonstrated experience in a similar information security management role, working within in in a fast-paced financial or government environment, with demonstrated experience in compliance and regulatory requirement
• Qualification aligned to Computer Science, Business or other relevant field and relevant professional certification/qualification: Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)
• Evaluating compliance to policy, standards and procedures

If it sounds Like you please hit apply and I will get in touch with you

Pushkar Sharma

Candidate Manager

Let's Connect

https://www.linkedin.com/in/pushkarsharma09/

+61 2 9249 8023

By submitting your resume and other personal information with this application you are consenting to this information being collected in line with our privacy policy. Follow the link to learn more - www.experis.com.au/privacy-policy

State: QLD, licensee/s Manpower Services (Australia) Pty Ltd, LHL-02026-D5L4Q. State: QLD, licensee/s Greythorn Pty Ltd, LHL-02014-Y5F6D. State: SA, licensee/s Manpower Services (Australia) Pty Ltd, LHS 288856