Job details

Location
Sydney
Salary
Competitive salary package
Job Type
Permanent
Ref
34290_1618372803
Contact
Riki Blok
Contact email
Email Riki
Contact phone
0426 177 613
Posted
about 1 month ago

Job details

Location
Sydney
Salary
Competitive salary package
Job Type
Permanent
Ref
34290_1618372803
Contact
Riki Blok
Contact email
Email Riki
Contact phone
0426 177 613
Posted
about 1 month ago

Talenza have partnered exclusively with a large private sector client on the search and selection of a Deputy CISO. The role can be based in Brisbane, Sydney or Melbourne.

Reporting directly to the CISO this brand new role will act as the second in command for the security department, while remaining as the lead for their Governance, Risk Compliance space. You will be a functional expert and focal point for consultation and education to Technology functions and projects, and for this complex organisation's business units to safeguard their business and customers. You will provide compliance and governance of information security and cyber risk plans, policies and standards, and continually improve the delivery of projects aligned to security compliance to ensure the protection of systems against security breaches and limit the potential of a cyber attack or threat.

Your work with cyber risk will enable you to be a key contributor in cyber security risk management and be accountable for driving strong security standards across the enterprise, ensuring they are championed throughout the Technology organisation and engaging with stakeholder groups across the enterprise

The Responsibilities
  • Lead a high-performing technology team and create an environment of continuous improvement, and actively champion contemporary delivery practices to support a positive team environment and culture.
  • Collaborate with your stakeholders and peers to ensure the strategy remains business and technology aligned and enabled
  • Provide specialist advice to business stakeholders on compliance and adherence to threat intelligence and cybersecurity policies, standards, and guidelines. This includes providing advice on classifying and managing personal or sensitive information.
  • Coordinate audit compliance, manage technology risks and issues and provide suitable mitigation strategies with respective teams.
  • Coordinate Internal and External audit compliance, including assurance of controls testing.
  • Develop and maintain a holistic view of Technology's Information security, requirements. Ensure they are managed and delivered in a manner that is sustainable and cost effective
  • Enhance the organisation's understanding of information security, cyber risk and compliance through education and awareness building activities
  • Drive, manage, maintain, and publish their information security and cybersecurity strategy, roadmap, policies, standards, and guidelines aligned to the strategic requirements of the company, industry compliance and good cybersecurity practices
  • Advise and challenge change management and project activities that impact the organisations security posture, ensuring a right level of external validation for major changes
  • Lead and manage continuous improvement across security information management and cyber risk
  • Manager and govern their Information Security Management Systems and coordination of certification program, Quality Management Systems and coordination of ISO9001 certification program, establish and maintain PCI-DSS assessment, testing, and reporting services under a single certification for the company.
The Requirements

  • 8-10 years' experience, 3+ years must be in a senior leadership role leading information security and cyber risk in large-scale complex, diverse and distributed IT operations environment.
  • Industry certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) Professional (CBAP) or degree program with focus on security
  • Specific experience and knowledge of security regulation and industry standards such as PCI, ISO27000 and related legislation.
  • Astute at developing business aligned security risk and controls/IT strategies, frameworks, and roadmaps and communicating these.
  • Familiarity with modern technologies and security approaches i.e. cloud security technologies, automation, digital.
  • A proven track record in applying contemporary practices to deliver measurable improvements to an enterprise's security and compliance posture.
  • Proven experience in developing and maintaining strong relationships with internal and external teams
For information on this role please apply within or contact Chelsey Costello on