Cybersecurity Governance Expert
About the Role
Cbus' Security Services must meet the Fund's cybersecurity governance, risk, and compliance obligations through effective GRC practices.
You will be responsible for ensuring the Fund's Information Security Governance framework is maintained, reporting to relevant forums and committees, and updating security policies and standards to address current and emerging threats and regulatory requirements.
A key aspect of this role is developing and implementing an information security awareness strategy, including phishing campaigns and training content, to keep Cbus informed of technology, business, and regulatory developments related to cybersecurity and IT security risks.
You will also establish and maintain security governance and awareness KRIs for reporting to risk committees and stakeholders, and oversee compliance and reporting programs for security policies and standards.
This position requires a strong understanding of security principles, technologies, and best practices, with relevant experience in a similar role. Knowledge of regulations such as APRA and OAIC, and familiarity with ISO 27001, COBIT, and NIST frameworks, are essential.
Developing organization-wide security awareness programs, including familiarity with security platforms, LMS, and phishing simulation tools, is required. Qualifications such as CISA, CRISC, CISM, CISSP, ISO/IEC 27001 Lead Implementer, or equivalent are highly regarded, along with general technical knowledge of operating systems, databases, networks, mobile technologies, and cloud services.
You should enjoy leading and coaching teams, be passionate about your work, and thrive in a collaborative environment.
Requirements
* A strong understanding of security principles, technologies, and best practices.
* Relevant experience in a similar role.
* Familiarity with regulations such as APRA and OAIC.
* Knowledge of ISO 27001, COBIT, and NIST frameworks.
In return for your expertise, you can expect to work in a collaborative environment where diversity and inclusion are valued. This is a full-time position based in Melbourne.
We encourage you to apply if you have the necessary skills and qualifications. Learn more about working with us by visiting our website.