Senior Governance Risk Manager, Cloud Security
We are seeking a senior governance risk manager to lead and manage the certification, accreditation, assurance, and authorisation activities across our cloud security program.
The successful candidate will establish and execute the overall strategy to achieve the overall milestone for the program. You will be responsible for ensuring the security of our cloud services, which will lead towards achieving the overall outcome for a region.
As a senior governance risk manager, you will serve as the security assurance leader for all components within the cloud capability, guiding and overseeing assurance and authorization activities to ensure adherence to standards and protocols.
You will collaborate with internal teams and customers to establish baselines and level-set the security requirements, security controls, and security objectives. Additionally, you will develop and implement strategies to drive security outcomes across the cloud capability.
Key responsibilities include serving as the Security Assurance leader for all components within the cloud capability, guiding and overseeing assurance and authorization activities to ensure adherence to standards and protocols.
* Serve as the Security Assurance leader for all components within the cloud capability, guiding and overseeing assurance and authorization activities to ensure adherence to standards and protocols.
* Collaborate with internal teams and customers to establish baselines and level-set the security requirements, security controls, and security objectives.
* Develop and implement strategies to drive security outcomes across the cloud capability, determining the methodology for collecting evidence for submission and ensuring compliance with relevant frameworks.
* Implement ISM, PSPF, DSPF, ASIO T4, NIST and/or other security compliance frameworks into design and build baselines to achieve the agreed security posture.
* Create, optimise, and support cross-functional working groups and projects aimed at enhancing security efficiency and effectiveness across the organisation.
* Utilise domain expertise to develop thought leadership material on cloud and emerging technologies, contributing to the organisation's knowledge base and industry positioning.
To be successful in this role, you will have a deep understanding of governance, risk, and compliance programs that directly involve interaction with regulatory bodies. Additionally, you will have experience working with government security frameworks, policies, and standards (e.g., PSPF, ISM, DSPF. ASD Essential Eight).
A degree or equivalent experience in Computer Science, Engineering, Cyber Security, IT Security Management, Security Risk Management or a related field is preferred. You should have a minimum of 5 years' experience in implementing and operationalising security to meet business outcomes.
If you are a strategic thinker with a deep understanding of regulatory landscapes, solid understanding of cloud technologies, experience in security and compliance, and demonstrated success in driving innovative strategies to overcome complex policies and obstacles to cloud assurance and authorisation, then we encourage you to apply.