An NFP in the northern suburbs has an opportunity for a Head of IT Security to join the organisation and lead the security function. The successful candidate will play a crucial role in ensuring the security and integrity of the organisation's IT systems and data.
Key Responsibilities:
- Develop, implement, and maintain IT security policies, procedures, and protocols in accordance with ISO 27001 standards.
- Lead the Right Fit For Risk program and be accountable for driving its success and maintaining accreditation.
- Develop and execute the Group's information security strategy, policies, and procedures to safeguard digital assets, data, and infrastructure.
- Lead and manage a small team of cybersecurity professionals to effectively implement security measures and protocols.
- Conduct risk assessments and vulnerability analyses to identify potential security threats and weaknesses and develop mitigation plans.
- Stay abreast of the latest cybersecurity trends, threats, and technologies to continually enhance the organisation's security posture.
- Collaborate with all business and departments, such as IT, legal, property and risk, to ensure alignment of security initiatives with business objectives and regulatory requirements.
- Oversee the implementation of security controls, such as access controls, encryption, and intrusion detection systems, to prevent unauthorised access and data breaches.
- Develop and implement incident response plans to effectively respond to and mitigate security incidents and breaches.
- Contribute to business continuity and disaster recovery planning to ensure it is effective.
- Oversee cyber supply chain risk management activities, collaborating with Legal, Procurement and the business to ensure compliance.
- Manage and maintain policies relevant to IT Security.
- Provide regular reports and updates to senior management and stakeholders on the Group's security posture, including key metrics and emerging threats.
- Lead cybersecurity awareness and training programs to educate employees on best practices for security hygiene and compliance.
- Foster a culture of security awareness and accountability throughout the group, promoting a proactive approach to cybersecurity.
Key Skills and Qualifications:
- 8 to 10 years in information security, with 5+ years in a leadership role.
- Strong technical background in IT security, with a deep understanding of security principles, technologies, and best practices.
- Proven experience in maintaining ISO 27001 certification and implementing related security frameworks.
- Strong knowledge of regulatory requirements, such as GDPR, HIPAA, and PCI DSS.
- Familiarity with the Australian Government's Protective Security Policy Framework (PSPF) and Information Security Manual (ISM).
- Hands-on IT security background, with an understanding of penetration testing.
- Excellent communication and interpersonal skills, with the ability to effectively liaise with internal and external stakeholders at all levels.
- Strong leadership and decision-making abilities, with a focus on driving results and achieving organisational objectives.
- Relevant certifications such as CISSP, CISM, or equivalent.
Flexible working arrangements: happy with 1 or 2 days per week in the office for the right candidate (or more if desired).
Please apply for immediate consideration or call Liz on 0414214*** for a confidential discussion.