Cyber Security Threat Management Specialist
The Cyber Security Threat Management Specialist role supports the effective management of information security risks in compliance with security objectives and statutory, regulatory and contractual obligations. The role is responsible for providing information security risk management services to the ICT group and its clients, and delivery of security threat management services.
- Assess the operational delivery and effectiveness of security controls is part of the information security compliance programme, and make recommendations for remediation or improvement.
- Identify and assess security risks, and recommend risk treatment actions, in respect of ICT services, solution designs and technology architectures.
- Manage the delivery of security vulnerability / penetration testing services using third-party assessors.
- Manage security detection and response services to identify security incidents and communicate to stakeholders for containment and/or remediation.
- Report to the Manager, Information Security on the status of information security management, progress on risk treatment activities, security incidents and policy exceptions.
- Coordinate / participate in incident response for critical information security incidents, and incidents that impact on ICT-managed solutions and services.
- Provide technical and logistical support for the conduct of investigations that require information relating to the performance or use of ICT services
Skills & Experience:
- Minimum of five years in cybersecurity roles managing SIEM, data protection, detection and response, vulnerability management, privileged access management, endpoint & perimeter protection or similar controls
- Significant experience in completion of security risk assessments for ICT solutions and services, including external vendor / service provider assessment
- Expert knowledge of cybersecurity principles and practices
- Excellent leadership skills, with the ability to provide thought leadership in information security and work as part of a team in a complex organisational structure and IT environment
- Advanced project, analysis, problem solving, and business relationship skills
- Ability to independently identify and implement solutions to information security issues and process inefficiencies
- Ability to present with credibility and translate technical and complex information concisely for diverse audiences
- Ability to write fluently and persuasively in a range of styles and formats.
- Ability to engage, collaborate, and negotiate effectively and to adjust personal style and approach to optimise outcomes.
- Ability to manage competing priorities and adapt flexibly to change.
- Demonstrate a high level of personal motivation and ability to work effectively in in teams.
- Appropriate tertiary education