Information Security Officer
Salary AUD140,000 - AUD160,000 per annum + super
Consultant Jayden Milat
Date posted 12 September 2019
Location Sydney, New South Wales
Recruiter Robert Walters, https://www.robertwalters.com.au
The Information Security Officer will protect the company’s information assets by interpreting and providing guidance on the application of Information Security Standards and any regulatory information security principles or rules.
- Providing advice to the board and senior management that assists with the active maintenance of the franchise’s information security capability.
- Maintaining awareness of the information security landscape and providing timely advice and applicable lessons learned to the Board and senior management.
- Maintaining the franchise’s Information Security Framework.
- Reporting to the board regarding Information Security Capability, Controls, areas of noncompliance, and information security incidents using relevant and timely data points and metrics.
- Advising the businesses on the completion of their IS Risk Assessments (ISRA) and other IS-related compliance processes.
- Participating in vendor reviews, providing advice to the Vendor’s Business Activity Owner on matters arising from vendor-related IS reviews.
- Advising the business on their corrective action plans or their risk exceptions arising from Information Security Control Testing (such as Management Control Self-Assessments, Audits, Risk Assessments, Application or Infrastructure Vulnerability Assessments and vendor IS Reviews).
- Responding to information security incidents with the timely initiation and coordination of emergency actions to protect the country franchise and its customers.
- Assessing and reporting on the adequacy of internal information security control testing and assessment programmes and escalating any material control design or execution issues.
- Providing relevant reporting to, and where required attending, Information Security and governance forums including the ISO forums, Systems & Operations Committee (SOC), Risk Governance Council, and Country Coordinating Committee meetings.
- Industry certifications such as CISM, CISA or CISSP are preferred.
- 4-7 years of experience working in an Information Security role.
- 2+ years' experience working in IS program areas, including IS Risk Assessment, Third Party Assessment, Identity & Entitlement, and Security Incident Response.
- The ability to analyse data and provide meaningful and relevant data-driven advice in terms appropriate to the audience within agreed timeframes.
- Experience identifying core issues and appropriate corrective action plans and tracking their progress to completion.
- Experience working with virtual teams, spanning several countries and several functional groups.
- Experience working within a matrix reporting management structure and balancing local and regional objectives.
- Experience dealing with prudential and financial services regulators and their regulatory frameworks.
- Experience preparing and delivering Board and C level reports regarding information security capability and assessments.
- Financial Services experience is essential.
To apply please click apply or call Jayden Milat on +61 2 82893131 for a confidential discussion.