Cyber Security AdvisorChallenger Limited is an ASX-listed investment management firm managing $105 billion in assets (as at 30 June 2023). Life with us is fast moving and always exciting. Together we're driving to deliver our vision to provide our customers with financial security for a better retirement.
We achieve this goal by providing a work environment where people from diverse backgrounds, with a range of skills and experiences can contribute and succeed.
Stakeholder Management - Liaise with technology partners (Accenture) and the business and provide guidance on policy adherence, hardening standards, framework alignment (NIST CSF, ISO27001 and CPS234) and act as an advisor on architecture decisions, designs, business plans and project work/uplift initiatives.
Cybersecurity Tool Health, Policy and Configurations Oversight - ensure all of the technology solutions and cybersecurity tools protecting Challenger are operating effectively, configured correctly by Accenture or partners and the controls are on all information assets.
Change advisory - provide advice to projects and business to ensure cyber security controls are implemented effectively and appropriately. Example includes supporting the onboarding of ALIP and integration technologies to ensure the correct security standards are applied. Ensure Cyber Security policy is updated and enforced across the organization.
Cyber Incident Management
1. develop and implement aligned with operational threat intelligence.
2. identify and report breaches or potential intrusion incidents promptly, enabling informed decision-making.
Cyber Intelligence - collate and respond to intelligence
3. Prepare and deliver briefs and cyber threat intelligence reports for management and material service providers
4. Identify and undertakeplex research and analysis of relevant cyber threat actors
5. Provide situational awareness on current and emerging threats
6. Analyse identified cyber threat event data and fuse with all-source intelligence
7. Understand and use analytical tools and techniques
Incident Management:
8. Provide support, guidance and reporting during major incidents and events acting as a key liaison point between Accenture, the Crisis Management Team and Challenger stakeholders.
Education and Culture Improvement:
9. Ensure staff, contractors and third parties are fully aware of the Information Security Management System (ISMS) and good practice on how to identify suspicious activity, phishing, business emailpromise, misconfiguration of network or IT equipment and insider threats.
Risk Management:
10. Ensure incidents and risks are addressed in a timely manner in line with the operational risk framework and BRiskWise timeframes.
Key Capabilities including Knowledge & Skills:
11. Stakeholder management - Building and maintaining productive relationships with stakeholders
12. Continuous learning mindset: Staying informed about emerging issues, risks, and opportunities in cyber security; keeping up with industry trends, technologies, and regulatory changes
13. Project Management: Coordinate and manage cyber security initiatives. This involves preparing discussion papers, briefs, and submissions, adhering to project management methodologies, and ensuring timely delivery of projects
14. Risk assessment: Understanding and being able to evaluate cyber risks
15. Reporting - good written and verbalmunication
Experience / Certifications required
16. At least 5 years working in the Information Security industry
17. Management stakeholders from across a business and supply chain
18. Experience in identifying, assessing, evaluating and managing Information Technology and Information Security (IS) risk
19. Working knowledge of IS control standards and frameworks, including ISO27001, NIST CSF, and audit report types such as SOC 1, SOC 2, ASAE3402, etc.
20. Experience dealing with senior leaders and business heads to help influence behavior and risk mitigation oues
21. CISM Certification (Nice to have not mandatory)
22. CISSP (Nice to have not mandatory)
#LI-SA1
#LI-Challenger
We value inclusion and diversity of thought, promote flexible working practices so our people can integrate their work and personal lives, and are proud to be a Workplace Gender Equality Agency (WGEA) Employer of Choice for Gender Equality.
We believe in bringing your authentic self and a belonging in our culture. We are prideful in participating in the Australian Workplace Equality Index (AWEI) as a national benchmark on LGBTQ+ workplace inclusion and best practice in Australia. We offer the opportunity for a broad career experience and value people who are inquisitive and rigorous and are driven to make a difference.
Job type:
Permanent
Posting Close Date :
24/05/2024 Job ID R1777