Security Assurance Manager PN20001060 VPS6 Ongoing
About the opportunity
This is a VPS6 Ongoing position.
The department is seeking a Security Assurance Manager to ensure security obligations are effectively identified and managed to enable the successful delivery of information technology strategic and operational plans.
The Security Assurance unit defines and governs the progress of audit and compliance according to standards and policies. The unit reports to the Chief Information Security Officer and collaborates with the department's Integrity, Assurance and Executive Services Division in fulfilling second line governance responsibilities and obligations. This includes organising and coordinating performance reporting to the oversight risk committee.
About you
The primary purpose of the role is to ensure that the audit framework supports second line audit review procedures and governance. Responsibilities for the role include:
- Establish an audit framework in support of second line audit and review procedures;
- Manage a team of direct reports to establish and oversee a calendar of compliance activities;
- Work closely with the Assurance division in alignment with their framework and procedures to ensure consistent oversight;
- Prepare formal findings reports and briefings to communicate progress, exceptions and recommendations;
- Evaluate and develop compliance reviews in support of new programs and evolving solutions.
The Security Assurance Manager is a subject matter expert in audit and compliance who can demonstrate an ability to develop frameworks and provide insights on the effective performance of controls. As the ideal candidate, you will have:
- Leadership experience running assurance programs overseeing a team of analysts responsible for compliance and exception reporting;
- Experience establishing structures to periodically monitor compliance and alignment with information security standards;
- Experience providing audit reporting to steering committees on findings and progress of specific compliance reviews;
- Exposure to a variety of security frameworks and audit standards, ideally with experience in Victorian Protective Data Security Standard and Commonwealth Protective Security Policy Framework;
- Consulting experience in this or similar roles that support continuous improvement advisory.
For more details regarding this position please see attached position description.
The Department values diversity and inclusion in all forms - gender, religion, ethnicity, LGBTIQ+, disability and neurodiversity. Aboriginal and Torres Strait Islander candidates are strongly encouraged to apply. For more information about our work, working for the Department, diversity and inclusion, and our employment conditions visit the Department website [education.vic.gov.au], HRWeb [education.vic.gov.au] and our Diversity and Inclusion page [education.vic.gov.au].
Applicants requiring adjustments can contact the nominated contact person.
Applications close: 22 May 2024