Senior Information Security Consultant

Location: Macquarie Park
Job Type: Permanent
Posted: almost 7 years ago
Contact: Nick Munro
Discipline:
Reference: 174488_1497846428

The Company:

For over 30 years, this organisation has been at the forefront of medical research and products, providing solutions to some of the most complex areas of human medical devices and research. As an organisation at the forefront of biomedical devices and research, they are focussed on technology and are currently ensuring the security of their applications, which is where you come in!

The Role:

Working within a continually changing business and technology landscape, the Senior Information Security Consultant plays a crucial role in identifying and managing organisational risks in support of the organisation's growth objectives. The individual's responsibilities will extend across people, processes and technology with a focus on enhanced information management and security practices whilst maintaining customer service excellence. They will contribute to conversations at all levels of the organisation and play a critical role in translating complex technical and operational information into simple business language.

Accountabilities:

  • Contribute to the business strategy by applying information security thought leadership to help solve business problems and deliver them in a clear and articulate manner.
  • Provide authoritative expertise and advice across a range of national and international standards and information security best practices.
  • Maintain up-to-date knowledge on potential threats, trends and relevant events that may threaten the organisation's IT risk position.
  • Manage complex and challenging projects to maintain the confidentiality, integrity and availability of information assets.
  • Review new technology deployments to ensure their compliance with relevant company and industry policies and standards.
  • Produce solution architecture documentation for information security initiatives and facilitate approval by the Architecture team and other relevant stakeholders.
  • Consult with business and IT project personnel to ensure information security is factored into the evaluation, selection, installation and configuration of all IT systems.
  • Undertake formal risk assessments to identify and document threats to business interests along with cost-effective mitigation controls in line with the company's Enterprise Risk Management Framework.
  • Assess the information security posture of third-party suppliers who process, store or transmit company information.
  • Respond to information security assurance requests from business users and external parties.
  • Contribute to business case preparation, prepare statements of work and review legal contracts for third-party security service providers.
  • Direct vulnerability assessments and penetration testing engagements undertaken by third-party specialists and coordinate report dissemination and remediation activities.

Skills & Experience:

Education and Qualifications:

  • Degree qualified in a related IT discipline.
  • Applicable certifications (e.g. CISSP, CISA, CISM).
  • ITIL certification or experience of working within an ITIL oriented organisation.

Experience:

  • Minimum of 10 years' commercial experience in Information Technology, with at least 5 years specialising in a Senior Information Security role.
  • A deep understanding of Risk Management principles and frameworks.
  • A solid understanding of enterprise architecture frameworks (e.g. TOGAF) and security architecture frameworks (e.g. SABSA).
  • Experience working with relevant industry standards and guidelines including ISO 27000, PCI-DSS, NIST Cybersecurity Framework, ITIL, COBIT, Privacy, etc.
  • Excellent working knowledge of Internet and network security systems and tools including firewalls, load balancers, WAFs, IDP, PKI and remote access systems.
  • Experience with VMware, Microsoft, UNIX and Linux Operating Systems.
  • Exposure to private & public Cloud platforms (i.e. IaaS, PaaS, SaaS, AWS, Azure).
  • A self-starter who can work independently and effectively with minimum supervision.
  • Proficiency in conducting presentations and workshops for varying audience types.
  • Outstanding written/verbal communication and interpersonal skills with a demonstrated ability to liaise effectively with a variety of stakeholders and build effective relationships at all levels within the organisation.
  • A high proficiency working with Microsoft Office tools.