Job Overview
Cyber security professionals play a critical role in safeguarding an organization's digital assets from cyber threats.
Key Responsibilities
1. Conduct comprehensive risk assessments to identify potential vulnerabilities and develop mitigation strategies.
2. Implement and maintain robust Information Security Management Systems (ISMS) aligned with industry standards, such as ISO 27001, NIST, and the NSW Cyber Security Policy.
3. Develop and enforce policies, standards, procedures, and documentation for information and cyber security.
4. Collaborate with multiple teams, including business stakeholders, procurement, architecture, legal, privacy, risk, and compliance to manage third-party risks effectively.
5. Provide strategic guidance on various cyber assurance activities, including participation in audits and effectiveness testing of cyber controls.
Requirements
1. Proven track record of performing and managing security risk assessments.
2. Experience in governance, risk, and compliance activities, including assessments of third parties.
3. Knowledge of industry standards and frameworks, such as the NSW Cyber Security Policy, NIST CSF, SOC 2, and the ISO 27000 series.
4. Excellent stakeholder engagement and communication skills.
5. Understanding of communication, network & security protocols, cryptography, authentication & authorization, certificate management, Identity & Access Management, and threat modelling.