Information Security Manager | Autosports Group

Open to applicants from Auckland, Melbourne, Sydney, Brisbane or Gold Coast.

Autosports Group Limited is Australia’s largest listed prestige, luxury and super luxury automotive retail group employing approximately 1,800 people across 55 businesses across Australia and New Zealand.

As an Information Security Manager, you will be a key player in managing the day-to-day security operations functions, working with internal IT staff, system/application owners, stakeholders, and service providers to uplift ASGs security processes and across all security domains. 

Key responsibilities:

• Security Operations manage vendor performance and relationship for continuous monitoring (SIEM), analysis and investigation of security incidents and threats. 
• Work with cross functional stakeholders, including IT, legal and law force agencies when necessary to develop and engage in incident response, planning and execution, including containment, eradication, and recovery. 
• Monitor and enforce data handling and protection practices to ensure confidentiality, integrity and availability of personal information.
• Work with vendors and internal stakeholders to ensure vulnerability scanning and penetration testing activities are effective and track remediation activities to ensure compliance with ASG security policies and standards.
• Drive audits, assessments and reporting on compliance with security posture and incident activities.
• Update and maintain policies, standards and procedures as required.

Professional skills, qualifications and experience 

• 1- 3 years’ experience in a Security Operations Centre
• 3-5 years’ experience in IT Operations or IT Service Management
• Experience working with hybrid Azure AD, MSP managed environments (multi-vendor)
• Experience in developing workflows and operational processes
• Experience leading operational teams and delivery vendors
• Strong understanding of ISO 27001/2 and ISO20001 
• Proficiency in IAM technologies and solutions, including identity management systems, directory services, SSO, MFA, and PAM.
• 1 or more professional certifications are necessary with (ITIL, ISO20K, Azure, CISSP, CISM, CISA, or CRISC)

At ASG our purpose is to drive endless possibilities, for our customers, employees, shareholders, and brand partners. Our Values include Strive for Excellence, Care, The Village and to Lead Change. We warmly welcome people of all genders, backgrounds, and situations to deliver an equal diverse customer base.