Position Description
Central Highlands Water
- Integrity _
- Teamwork _
- Leadership _
- Care_**_
- **
**Cyber Security Specialist**
**Classification **Level, Central Highlands Water Enterprise Agreement
**Team, unit **Cyber Security
**Division **ICT & Digital
**Work location **Learmonth Road, Wendouree / Hybrid
**Employment type **Up to Full-time.
Flexible options available: part-time work, purchased leave, varied start and
finish times, working from alternative locations and -day fortnights.
**Position reports to **General Manager, ICT and Digital
**Direct Reports **Cyber Security Officer
**Our Values**
Our vision: _Our Water - Our Customers - Healthy Living _
Our mission: _Together, we provide quality water and wastewater services safely, efficiently and sustainably to _
- communities in the Central Highlands Region _
Our values: _Integrity, Teamwork, Leadership and Care**Organisational Environment**
At CHW' _Safety is Everyone's Priority_. We are committed to the safety of our people, customers and the community
we serve, and we have a zero-tolerance toward harassment or violence within the workplace.
We have an inclusive workplace that embraces diversity and difference. We believe all jobs can be worked flexibly,
from varied cultural backgrounds.
We encourage employees' continuous professional development. Employees are supported in keeping abreast of
current industry best practices and are encouraged to take an active personal interest in staying informed of
professional practices, standards and latest trends.
We believe that everyone has the capability to show leadership, regardless of their formal level of authority. We
expect all team members to focus their efforts on developing and displaying the leadership behaviours defined in our
Leadership Capability Framework. We have a commitment to enhancing our leadership maturity across the whole
business, through our internal Personal Leadership Program, Learn Lead Grow (LLG), and focussing on Leading
Self, Leading People and Leading the Organisation.
**Purpose**
This position requires a combination of technical and soft skills, such as business acumen, leadership,
communications and relationship building. Additionally, the role must adopt a continuous approach to learning and
up-skilling in order to maintain pace with the cyber threat landscape and new technologies. It is expected that this
role will show innovation and imagination in conceiving and delivering cyber security strategies for CHW including:
- Providing Cyber Security Leadership and guidance
- Overseeing the Cyber Security Program
- Overseeing incident response activities
- Contributing to business continuity and disaster recovery planning
- Developing a cyber security communications strategy
- Receiving and managing a dedicated cyber security budget
- Overseeing cyber security awareness raising
- Working with suppliers and service providers
The Cyber Security Specialist exists to assist in the protection of CHW information assets through:
- Ensuring CHW performs the activities required to comply with the Victorian Protective Data Security
Framework (VPDSF)
- Providing security-related advice and consulting services and
- Managing and supporting CHWs security strategies, standards, processes and systems.
**Key Duties/Responsibilities**
- Undertake security responsibility for all IACS and ICT-based environments and maintain compliance with
any audit, regularity, and relevant security standards.
- Responsible for coordinating awareness and communication activities between security and business
functions.
- The role will develop and seek approval of a comprehensive security strategy. The strategy will account for
the end-to-end lifecycle of information security operations, including:
o Evaluating the IT threat landscape
- Devising policy and controls to reduce risk
- Leading auditing and compliance initiatives
- Play a key role in managing both internal and external security providers to deliver secure services to meet
CHW's growing and evolving requirements.
- Responsible for ensuring resilience against cyber-attacks through rapid recovery strategies including
processes covering crisis communication processes.
- Responsible and accountable for providing cyber security leadership and guidance within CHW.
- Overseeing CHW's cyber security program and ensuring compliance with cyber security policy, standards,
regulations, and legislation.
- Responsible for reporting cyber security matters to CHW's executive and senior management, covering but
not limited to, such areas as risk profiling, security risks, planned uplift activities, incidents, and cyber security
investments.
- Development, leadership, and business alignment through governance bodies such as a cyber security
steering committee or advisory board, comprising of key cyber security and business executives, which
meets formally and on a regular basis.
- Responsible for overseeing CHW's response to