Join an award-winning Financial Services firm in a newly created IT Governance Manager role. Excellent company benefits & work flexibility.
- Award-winning medium-sized Financial Services firm
- Inclusive and collaborative team environment
- Hybrid/flexible working arrangement. Permanent role based in Melbourne CBD.
Seeking a pragmatic and dynamic IT Governance Manager to provide advice, guidance and governance on the implementation of a best-in-class IT Security Risk Management Framework. Manage the operation of data security controls in line with the Prudential Standard CPS 234, cyber security risk framework and data governance framework, and ensure alignment with Information Security policies, standards and procedures.
- Lead the development and improvement of data security policies, procedures, standards and guidelines across the organisation, in line with industry-relevant regulatory requirements and recommended practice (e.g. CPS 234, ISO 27001, NIST Cyber Security Framework)
- Provide general IT risk management and project assurance advice to stakeholders
- Conduct detailed risk assessments and maintain the IT risk register
- Undertake identification, evaluation and testing of IT key controls by conducting Line 1 control testing, gathering evidence, interpreting data, and documenting test plans and results.
- Contribute to updates of IT Governance and information security policies, procedures, and standards.
- Identify and evaluate IT risks associated with projects and develop mitigation strategies
- Contribute to and drive effective data security risk discussions and processes, to manage cyber and data risk
- Support third-party security risk assessment processes to ensure data security requirements are included and in line with CPS 234
- Contribute to the delivery of data security education and awareness programs across the enterprise
- Develop timely and informative data security posture insights and metrics, to inform effective cyber reporting and decision making
- Lead various information capability assessments and operational activities
- Collaborate with executives, board/committee and the external outsourced IT provider
- 5+ years' experience in IT Security, preferably within financial services
- Strong technical understanding of cloud-based and hybrid IT environments
- Understanding of IT infrastructure and application architecture, log analysis, security forensics and incident response
- Ability to develop IT policies and procedures
- Self-motivated with excellent organisational skills
- Advanced technical knowledge of email, web and network security, Microsoft/Office 365 security, Identity Management and Advanced Threat Protection
- Excellent interpersonal skills (written & oral) with the ability to deal effectively with personnel at all levels
- Experience and in-depth understanding of CPS 234 (Highly desirable)
- Understanding and working knowledge of industry specific frameworks e.g. NIST CSF
- Experience with SOC 2, ASAE 3150 reports
- Experience specialising in aspects of Information Security
- Knowledge of Information Security governance
- Postgraduate degree in Cybersecurity, Information technology or related discipline
- Development and implementation of cyber metrics and cyber reporting approaches
- Sound business judgement and acumen
If you are considering your next step and are looking for an exciting opportunity to make a significant impact, we want to hear from you.
For a confidential chat, contact Jennifer Jones at Ink Recruitment on +61 (0)409 926 897.