Permanent engagement
- 100% remote opportunity
- Large well-established organisation
**The Company**
This large organisation is dynamic and rapidly evolving in a changing ecosystem. Seeking to improve safety, performance, and culture while driving efficiency, managing costs, and creating value in a best practice environment. As the business continues its path of reform - customers, investment, commercial leadership, and cultural excellence are a clear focus.
**The Opportunity**
As the Cyber GRC Manager you will oversee complex security governance, risk and compliance engagements working within the utility domain. You will be responsible for delivering pre-certification analysis, implementing structured cyber security frameworks, providing threat and vulnerability analysis as well as security advisory services and stakeholder engagement across all business units.
Working within state-of-the-art data and information environments, the Cyber GRC Manager will plan, develop and document strategic security practices for standard systems compliance. You will liaise with a host of stakeholders and third-party vendor providers to elicit and analyse key requirements and ensure vigorous security practices are in place.
Key Responsibilities:
- Lead a team of Cyber Analysts across governance, risk and compliance
- Demonstrated experience and knowledge of modern cyber security GRC methodologies and frameworks
- Perform and monitor ICT risk assessments for new technology projects, processes, and third-party services.
- Develop and promote ICT security and risk awareness for the internal staff
- Develop, maintain and update ICT risk and security policies, standards, and processes
- Ensure compliance within the ICT risk register and undertake regular risk reporting to stakeholders
- Coordinate external and internal audits
- ICT and third-party risk assessment reports, ICT security policies, standards and processes, ICT security and risk awareness material
This is a permanent engagement with the ability to work remotely 100% of the time. You must reside in Australia and have full working rights
**Skills and Experience**
- Minimum of 3 years commercial experience in Cyber Security
- Knowledge of information security and risk management processes
- Sound understanding of technical security controls and technologies
- Understanding of information security standards and frameworks such as Cybersecurity essentials, ISO2700, ISO, ACSC Essential Eight and NIST
- The ability to build and maintain productive relationships with key stakeholders
- Excellent verbal and written communication skills
**Contact Us**
If this is not the right role but you are keen on exploring opportunities, please call me directly to discuss the market.