Information Security Officer
This is a pretty fab role working with an NFP business. The business is growing and needs an experienced IT Security specialist to own all aspects of information security.
Reporting to the CTO, the day-to-day role involves maintaining, managing and enhancing the security of systems and processes across all aspects of the business, from supply chain to operational stability. The role is about aligning with the business’s objective of maintaining world’s best practice in information security. As security policies are developed and refined, compliance with these policies will be achieved through communication, education, guidance, facilitation and enforcement (using automation where possible).
- Australian citizenship.
- Minimum 5 years’ experience in Information Security with a good understanding of security operations.
- Significant knowledge of Risk Management Frameworks and Vulnerability Management.
- Proven experience implementing and managing a GRC program.
- Extensive knowledge of ISO 27001 standards and requirements.
- Demonstrated experience implementing, maintaining and improving information security risk management systems in alignment with ISO 27001/27002.
- Proven experience developing Information Security strategies.
- Experience in Data Loss Protection.
- Proven experience and a strong understanding of SIEM.
- Demonstrated ability to work on security projects as a team lead.
- Ability to perform analysis of security risks and develop mitigation strategies.
- Knowledge of Australian Government Information Security Manual (ISM), Essential 8 and Protective Security Policy Framework (PSPF) preferred.
- Relevant certifications in CISSP, CISM, CRISC, SABSA, SANS preferred.
This role will suit someone who can work autonomously with great initiative and who is highly passionate about all aspects of information security.
Email with queries to [email protected]