Job Opportunity
Hannover Re is a leading and most profitable reinsurer with over 3,500 employees globally.
We are seeking an Information Security Specialist to join our Sydney office. The role will report directly to the Technology Governance Manager.
* Safeguard Hannover Life Re's information security posture by ensuring adherence to regulatory requirements, conducting ISO 27001 control testing, and promoting robust security controls.
* Provide regular reports to senior management on technology and information security governance, risk assessments, compliance status, and incident reports.
* Collaborate with internal and external stakeholders to enhance company adherence to APRA (CPS 234, CPS 230) and industry frameworks (ISO 27001, NIST).
* Develop, update, and enforce policies, procedures, and standards related to information security, data protection, and technology risk management.
* Evaluate the effectiveness of governance practices and controls, recommending improvements to enhance the organisation's security posture.
The ideal candidate will have a passion for information security, with experience working in the financial services or insurance industries. They will possess a strong understanding of cyber risk, the security landscape, and incident response, as well as analytical, problem-solving, and organisational skills.
The successful candidate will also have:
* A Bachelor's degree in Information Technology, Cybersecurity, or a related field.
* In-depth knowledge of the ISO 27001 framework and compliance assessment processes, and familiarity with APRA standards, including CPS 234 and CPS 230.
* A solid grasp of data protection laws, regulatory obligations, and audit review practices.
* Experience with risk management and vendor assessment procedures, demonstrating the ability to monitor and respond to emerging cyber threats and vulnerabilities.
* Strong analytical, problem-solving, and organisational skills, and clear and effective communication skills, both written and verbal.
* Ability to engage with senior stakeholders, including Board-level Executives, with skill in relationship management and cross-functional collaboration.
* Capable of working independently and as part of a team.
* Experience with platforms such as Digital Guardian and UpGuard, and professional certifications such as CISSP, CISM, CISA, or CRISC.