Brief role description:
The role of this position is to manage risk through the security engagement process and the provision of information security advice to business and the IT Directorate.
Relevant skills and expertise required:
* Minimum 5 years' experience in information security, especially in a large enterprise
* Demonstrated experience in:
o conducting risk assessments, producing and implementing remediation plans
o security event monitoring tools (eg. Splunk, Hadoop)
o performing incident investigations and securing forensic data
o developing, implementing and managing policies, standards and procedures
* Current security certification (eg. CISM, CISSP, GIAC)
Key focus areas for this role are directly related to:
* Security expertise - provide a high level of technical security support
* Security engagement process - the capture of security requirements and review of security design
* Risk management - assessment and treatment of risks
* Compliance - assist with the maintenance of the ISMS
* Incident management - respond to serious incidents
* Policy - write security policies, standards and procedures
Specific deliverables of this contract:
* Ongoing maintenance of the security engagement process
* Risk assessments as required
* ISMS compliance and reporting activities
* Standards and procedures
* Incident response as required
