A global engineering and construction company with a presence in Sydney is currently seeking a Senior GRC Cyber Security Manager on a permanent basis.
Responsibilities:
- Support the CISO as a liaison to the executive boards on matters of cyber security, cyber risk and the overall cyber security strategy for the group.
- Develop the cyber risk assessment methodology/framework to manage, track and report on cyber security risks in line with the business risk tolerance
- Manage the renewal of all cyber security certifications the business must maintain for client bids and projects by engaging and working with the relevant internal teams and governing bodies.
- Oversee interaction with cyber security auditors (internal / external) and regulators and third parties.
- Participate in the plan, design and enhancements to processes to assess and measure ongoing supplier security compliance
- Assist in the review and update of cyber security policies and standards.
- Work with key suppliers, partners and vendors to drive maximum value and security benefit from security services and solutions.
- Provide support, training and guidance to the cyber security team on cyber risk management practices and processes.
- Understand potential and emerging cyber security threats, vulnerabilities, and control techniques and the trade-offs required to manage the different levels of risk appetite and risk exposure across the global business.
Key Skills / Experience:
- Minimum 8-10 years of experience in a combination of risk management, enterprise information security and cyber security functions.
- Proven track record and experience with security frameworks, standards and best practices for compliance (NIST, ISO27001, NCSC Cyber Essentials, ACSC Essential 8).
- Proven track record and experience in creating and maintaining cyber threat models and risk management frameworks in a global corporate environment.
- Knowledge of best practices of IT security hardware and software, security suites, identity and access management.
- CISSP, CISM, CISA, CRISC strongly preferred.
- Experience managing teams in a global environment.
If interested please respond ASAP with your latest resume