**Job no**: 515899
**Work type**: full time
**Location**: Sydney, NSW
**Categories**: Information Technology
- **Full time, continuing role as a Cyber Security Assurance Testing Specialist**:
- **Attractive salary package plus generous 17% superannuation**:
- **Deliver and execute within a fit for purpose and adaptive Cyber risk framework**:
- **Kensington, Sydney with Flexible and or Hybrid working**
**Responsibilities**
- Lead and operationally deliver the ongoing development and execution of a continuous controls assurance testing approach, including monitoring, control uplift (incl. automation) and rationalisation.
- Provide strategic leadership in managing and improving UNSW's controls assurance capabilities.
- Identify opportunities to improve effectiveness of controls. and regularly present to leadership and business owners of information resources for decision making and support.
- Conduct cyber security control testing activities, including scoping, facilitation of testing, evidence collection, and analysis.
- Communicate and report on security controls effectiveness testing outcomes, recommend improvements, and work with management, business owners and control owners to resolve and close findings/issues.
- Update the cyber risk register with risks identified from controls effectiveness testing, gap assessment and metrics performance.
- Identify, develop, collect, analyse, and continuously improve SMART Cyber Security Metrics and KRI/KCI reporting on a monthly basis.
- Present insights and recommendations for improvement to stakeholders, including but not limited to senior management, business owners, and internal audit on a monthly basis through governance forums and other channels.
- Support the Cyber Security function's certification program of work such as ISO 27001.
- Support the independent audit of cyber security controls on behalf of the University, including statutory audits completed by the Audit Office of NSW.
- Regularly review threat and vulnerability advisories from various sources (e.g. ACSC, NCSC, CISA) and, where a control gap exists, ensure a compensating control is implemented to manage the risk exposure.
- Promote awareness of the University's internal and external environment for emerging cyber security threats.
- Promote a culture of continuous improvement, championing professional standards, innovation, and methods.
- Other duties appropriate and in line with to this position as requested by the Head of Cyber Security Strategy and Governance.
- Cooperate with all health and safety policies and procedures of the university and take all reasonable care to ensure that your actions or omissions do not impact on the health and safety of yourself or others. Align with and actively demonstrate the UNSW Values in Action: Our Behaviours and the UNSW Code of Conduct.
Skills and Experience
- Experience in 1st line assurance role, working with vulnerability management and scanning systems - Scripting in PowerShell, Python, Bash, etc is advantageous.
- AWS, Azure and Microsoft365 security experience desirable but not mandatory
- A relevant degree with extensive experience in cyber security operations or assurance teams within major organisations or an equivalent level of knowledge gained through any other combination of education, training, and experience.
- Excellent understanding of industry-wide security standards and compliance frameworks such as ISO 27001, NIST 800-53, OWASP, CSA, Essential 8, PCI DSS, COBIT 5, Mitre ATT&CK etc.
- Relevant industry certification(s) such as SANS certifications, CEH, OSCP, CompTIA Security+, and cloud platform certifications such as, AWS Security Speciality, Microsoft Azure (highly desirable).
- Strong interpersonal, communication and negotiation skills including ability to develop effective relationships and influence key stakeholders at all levels in the organisation.
- Analytical ability to present with credibility and translate technical and complex information concisely for diverse audiences using strong analytical and problem-solving skills.
- Demonstrated high level of personal motivation, resilience, and ability to work effectively individually or in teams.
- An understanding of and commitment to UNSW's aims, objectives, and values in action, together with relevant policies and guidelines.
- Knowledge of health and safety responsibilities and commitment to attending relevant health and safety training
- Ability to code in PowerShell, Python, Bash, etc is advantageous
**To Apply**: If this is of interest to you, please submit your CV, Cover Letter and responses to the Skills and Experience outlined in the position description.
**Benefits and Culture**
- Flexible hybrid working
- Additional 3 days of leave over the Christmas Period
- Access to lifelong learning and career development
- Progressive HR practices
- Discounts and entitlements
**Contact**
**Applications close: Sunday 30**th** of April at 11.30pm**
- UNSW is committ