Or client is a fast growing Retail organisation on the lookout for an experienced Senior Information Security Risk Officer to join their team.
- Permanent Role - Sydney Based
- Great Opportunity Take Fuller Ownership OF In House Information Security
- Experience with NIST, ISO27001, or ISM
Your Responsibilities:
- Monitoring and assessing emerging threats and vulnerabilities to the environment and ensuring those requiring action are addressed.
- Providing advice and education and maintaining the deployed security tools.
- Working with the wider Technology team in proposing Security Solutions for Network, Infrastructure, Integrations, SaaS and Endpoints.
- Security Incident Response and Management working with third party vendors and internal stakeholders.
- Assist with the development of relevant IT and Information Security Policies, Procedures and Training Material
- Provide technical administration support for security suite of software and hardware.
- Evaluate security policy, processes and procedures for completeness
- Ensure that controls are adequate to protect sensitive information systems
- Work with external partners and contractors to drive outcomes and manage end to end Security Infrastructure and policies.
- Improving BAU security posture
- Securing our cloud systems
- Securing integration layer
- Securing new and existing systems
- Securing our integration platform
- Cyber awareness programs
- Supporting Audit and Security Governance reviews
- Experience 3-5 years
- Extensive experience working within a cyber security role
- Experience with NIST, ISO27001, or ISM and strong stakeholder management skills or Certified in Risk and Information Systems Control (CRISC) or other risk management certification
- Good Understanding of infrastructure level technologies
- Good knowledge of security policy framework, risk management methodology, process, IT risk management
- Systems, tools, and conducting security risk assessments
- Experience in performing high level analysis, review and support the planning and management of security projects