Whilst there is a hybrid work policy, this is NOT a fully remote role. You must be based in SA and have full Australian work rights.
Overview
As Cyber Security Lead, you will manage all regulatory requirements in relation to cyber security. Indeed, this role is responsible for ensuring compliance with APRA’s Prudential Standard CPS 234 Information Security, along with other relevant legislative instruments, including ownership of vendor cyber assurances, management of key cyber and data risks and controls, and supporting internal and external audits.
Passionate about cyber and data security, you will enjoy working alongside a small operational IT team (you won’t be technically hands-on in this role, but will be a Senior escalation point) and will continue to embed frameworks, policies and processes across the organisation to ensure information assets are adequately protected and managed. You will also lead any cyber security incident response, including the monitoring, investigation, documentation and response to Cyber incidents, extending to BCP and DRP testing.
Key Responsibilities Include:
- Assess and Monitor for threats and vulnerabilities.
- Apply threat intelligence and other relevant information sources to identify risks and develop targeted remediation
- Report on the status of security posture threats
- Manage the active monitoring of security controls to ensure they are effective
- Ensure compliance with
all relevant regulatory and legal requirements
- Ensure compliance with APRA Prudential Requirements (CPS 234) and other relevant legislative requirements
- Ensure they are fully prepared for future regulatory developments
- Build a strong Cyber and Data Security aware culture
- Develop and maintain an adequate annual testing program
- Apply knowledge of the latest global security trends, strategies and risks
- Business impact analysis and development of security controls for new initiatives or changes to business processes or systems
- Develop and execute internal education programs that foster Cyber and Data Security awareness and compliance
- Vendor management
- Liaise with external cyber security vendors, managing their deliverables
- Coordinate the internal and external audit program relating to cyber and data security
- Provide expert advice and information to stakeholders
- Lead the monitoring, investigation, documentation and response to advice and Cyber incidents, extending to BCP and DRP testing
- Provide situation awareness and reporting on cyber security status stakeholders
- Report to SLT, Board and Data and Information Security Committee where necessary
- Develop and maintain appropriate cyber security framework and strategy
Essential Requirements
- 5+ years proven experience in a similar Cyber Security role
- Experienced in the application of Cyber Security standards such as ISO 27001, NIST, PCI-DSS, ASD8
- Experienced in best practice in Cyber Security incident response, disaster recovery, business continuity, governance, risk and compliance (GRC)
- Knowledge and experience in areas such as the current threat landscape, managed service and cloud providers, IT security technologies
- Knowledge and experience in security incident response lifecycle and concepts, including:
- anti-virus, data encryption, end point protection and security monitoring technologies along with vulnerability and security assessment methodologies and technologies
- A high degree of initiative, with the ability to work under tight deadlines and handle multiple complex tasks
- Highly developed written and verbal communication skills, with the ability to disseminate technical information in non-technical terms
Desirable:
- Understanding of highly regulated environments
- Understanding of APRA Prudential Standard CPS 234 Information Security
Please APPLY NOW and we will review your CV and call back all suitable candidates back within 24 business hours.
For more information, or a confidential conversation, you can call Jerry Belialba on 08 8112 7406
Peoplebank and Leaders IT are committed to creating a diverse and inclusive workplace where everyone belongs. We welcome applications from people of all backgrounds, identities, and experiences. If you need adjustments to the recruitment process due to your circumstances, please let us know—we’re here to support you.
