Job Title:
A Senior Information Security and Quality Assurance Specialist is required to provide expert guidance and support in implementing, maintaining, and continually improving the organization's Information Security Management System (ISMS) and Quality Management System (QMS).
Main Responsibilities:
* To implement and maintain the ISMS and QMS in accordance with the current ISO 27001:2013 and ISO 9001:2015 standards.
* To develop mandatory documentation for the ISMS and QMS.
* To coordinate and lead internal and external third-party audits.
* To develop and implement audit schedules, conduct audits, and measure areas of improvement and/or non-compliance.
* To manage and monitor security incidents, non-conformities, threats, and vulnerabilities and ensure corrective actions are implemented.
* To work with stakeholders to identify, monitor, and maintain the ISMS and QMS Risk Registers.
* To integrate and continually improve QMS and ISMS processes.
* To assist in responding to bid- and tender-related queries.
* To assist with Security Awareness training programs.
Requirements:
* Experience in implementing, maintaining, and auditing ISO 9001 and 27001 management systems.
* Experience with Telecommunications Sector Security Reforms (TSSR), Security of Critical Infrastructure (SOCI), or other Australian cyber regulatory obligations.
* Excellent written and verbal communication skills to support staff in day-to-day management of ISMS and QMS.
* Strong analytical and conceptual skills to establish practical solutions and provide comprehensive metrics, dashboards, and reports.
* A focus on continuous improvement, the PDCA cycle, and agile lean principles.
* Risk assessments aligned to ISO 31000 and ISO 27005.
* Knowledge of physical and IT security controls.
* Strong computer literacy and Microsoft Excel skills.
* Governance and risk management of technical services.
* Ability to work autonomously and within a remote team.
* Awareness of the Information Security Manual (ISM) and the Protective Security Policy Framework (PSPF).