Santos provides reliable, affordable energy for progress and seeks to provide lower carbon energy over time.Santos is a global energy company with operations across Australia, Papua New Guinea, Timor-Leste and the United States.At Santos, our goal is to be a global leader in the energy evolution to low-carbon fuels that help the world decarbonise and continue to provide the reliable, affordable energy the world needs for modern life and human progress.Santos is an important Australian domestic gas supplier and LNG supplier in Asia. We are committed to supplying critical fuels such as oil and gas, and abating emissions through carbon capture and storage, energy efficiency projects, use of renewables in our operations and high-quality offsets. Santos will also seek to develop low-carbon fuels as customer demand evolves.For 70 years, Santos has been working in partnership with local communities, providing jobs and business opportunities, safely developing natural gas resources and from there powering industries and households.Santos seeks to deliver long-term value to shareholders through our diverse portfolio of high-quality, long-life, low-cost oil and gas assets, carbon storage resources and infrastructure.The Santos portfolio is value accretive and resilient across a range of decarbonisation scenarios. Santos has a climate transition action plan that will continue to evolve for the global energy evolution.Santos has a regional operating model with a strong local focus. The Company's operating structure comprises three regional business units focused on enabling and executing corporate strategy. Two divisions - Santos Energy Solutions and Santos Upstream Gas and Liquids - are accountable for global portfolio management and strategy.Following the implementation of our Santos Regional Model, Santos has multiple new Information Systems opportunities available in Adelaide. These are fantastic opportunities to join an ASX20 company, and for you to grow your career in our head office.About the RoleThe primary objective of this position is to ensure the organisations cyber security posture remains robust and compliant with industry standards and regulations. This dynamic role encompasses developing and enforcing the company cyber Security Governance framework, managing policies and procedures, overseeing risk assessment and mitigation strategies, ensuring compliance with regulatory requirements, and driving continuous improvement initiatives.Key accountabilities include:
- Develop and enforce the organisation's cyber Security Governance framework.
- Oversee the creation, review, and maintenance of cyber security policies, standards, and procedures.
- Lead the identification, assessment, and prioritisation of cyber security risks, and develop risk mitigation strategies.
- Monitor regulatory requirements and industry standards, ensuring compliance and readiness for audits.
- Collaborate with incident response teams to develop and maintain robust incident response plans.
- Develop and deliver cyber security training and awareness programs for employees at all levels of the organisation.
- Establish processes for evaluating and managing cyber security risks associated with third-party vendors.
- Define key performance indicators (KPIs) and metrics to assess the effectiveness of cyber Security Governance activities.
- Drive continuous improvement initiatives within the cyber Security Governance function.
- 7+ years' experience in cyber Security Governance, risk management, and compliance.
- Demonstrated expertise in developing and implementing cyber Security Governance frameworks, policies, and procedures, particularly in the energy sector.
- Experience conducting risk assessments, identifying vulnerabilities, and implementing risk mitigation strategies.
- Experience leading incident response planning, including developing and testing incident response plans.
- Experience developing and delivering cyber security training and awareness programs.
- Experience in vendor risk management, including evaluating and managing cyber security risks associated with third-party vendors and service providers.
- Proficiency in defining and tracking key performance indicators (KPIs) and metrics to measure the effectiveness of cyber Security Governance activities.
- Excellent communication and interpersonal skills, with the ability to collaborate effectively across diverse teams and influence stakeholders at all levels of the organization.