Chief Information Security Officer - Adelaide Region SA, Australia - Paxus Australia Pty Ltd

Paxus Australia Pty Ltd

Verified Company

Adelaide Region SA, Australia

3 weeks ago

Posted by:

Olivia Brown

beBee Recruiter

Description

Posted 18 January 202- SalaryNegotiable

LocationAdelaide
Job type Permanent
DisciplineExecutive IT, Security + Cyber Security
ReferenceBBBH259556_

Job description:

Chief Information Security Officer

Our client's diverse and complex IT function is seeking to hire an experienced Chief Information Security Officer (CISO) who will demonstrate strong leadership qualities with a hands-on approach to the strategic vision and planning of risk management, governance, and operational information security strategy.

This opportunity allows a high degree of autonomy, while leading the information security function across the company and ensuring consistent and high-quality information security management in support of the business goals.

Role Requirements:_

Leadership

Lead the development and maintenance of a Cyber Security Strategy and Roadmap in consultation with various stakeholders to ensure ongoing enhancement
Work closely with external stakeholders, government authorities including the Australian Cyber Security Centre (ACSC).
Lead the development, maintenance and execution of a Cyber Security education and awareness
Identify and implement opportunities for innovation, improvement of IT performance and costs to continue meeting customer needs.
Monitor and manage current and emerging Cyber Security threats that may impact on the companies ability to achieve its objectives.
Ensure Operational and Capital budgets are managed within corporate allocation identify cost savings and operational and project efficiencies to improve performance and/or services provided by the business.

Governance

Lead the development, operations and maintenance of an information security risk management framework aligned to wellknown standards, including development and promulgation of policies, standards, procedures and guidelines to both centralised and decentralised IT custodians.
Maintain uptodate information security risk management artefacts including security risk register, asset register, treatment plans, and statement of applicability (SOA)

Operations

Work closely with the external Security Operations Centre (SOC) to ensure they continue to provide effective detection, escalation, and automated response services.
In the event of an actual security incident, coordinate communications, containment, response, and recovery activities in coordination with relevant teams.

Essential Experience

Demonstrated experience in developing and maintaining an information security management system based on bestpractice standards such as: ISO/IEC 27001 and NIST Cyber Security Framework.
Demonstrated experience working within a large and complex IT environment, with existence of decentralised IT custodians in federated/affiliated suborganisations
Demonstrated experience in communicating complex, technical cyber security concepts to senior management using a language that is easy to understand and meaningful to the business.
Demonstrated experience in developing an organisational strategic plan for prioritising and implementing cyber security enhancement initiatives aligned to business strategic objectives, business risks, industry best practices, and regulatory/compliance requirements.

Qualifications

Relevant industry technical security certificates such as CISSP, CISA/CISM, OSCP/OSCE, GIAC are a plus
Ability to obtain and/or currently holding a minimum baseline defence security clearance or higher