Jobs
>
Melbourne

    Head of Cyber Security and IT Risk - Melbourne, Australia - LGT Crestone

    LGT Crestone
    LGT Crestone Melbourne, Australia

    4 days ago

    Default job background
    Full time
    Description

    Your team

    • Working as a part of the Risk, Legal & Compliance team with overall responsibility to drive all strategic and operational cyber security and IT risk functions.
    • Working alongside the Head of Technology, senior business and risk executives and project management team within the reporting structure of the Chief Risk Officer.

    You will be supported by 2 staff members operating in the following roles: Senior Cyber Security Consultant and Cyber Security Analyst.

    Your Role

    Cyber Security Governance

    • Maintain a lean and effective cyber and technology risk governance structure, ensuring that risk management is deeply embedded into strategic business projects and operational decision-making.
    • Ensure the business maintains an effective and agile cyber security policy framework that is aligned with LGT Group directives.
    • Develop and manage the cyber security budget for all operational and strategic spend, ensuring resource allocation prioritises areas of high-risk and strategic importance.
    • Establish and maintain a detailed cyber assurance program (including targeted reviews, supplier assurance, red teaming, penetration testing, disaster recovery testing, etc.) to identify and prioritise key gaps for remediation.
    • Produce and present high-quality cyber risk reports to executive committees and board of directors (locally and at Group level), educating senior executives and the board on material risks, regulatory compliance, and strategic risk mitigation initiatives.
    • Maintain a strong Line-2 assurance framework challenging the design and operations of the technology function, specifically ensuring the business adheres to GS007 control framework.
    • Actively participate in monthly and quarterly vendor executive governance meetings — ensuring key suppliers meet contractually agreed KPIs and constantly adjust controls to mitigate emerging risks.
    • Track audit findings and recommendations to ensure appropriate critical and high-rated issues are promptly addressed. Proactively engage internal and external auditors to identify synergies and avoid redundant reviews.

    Stakeholder Management

    • Develop and nurture relationships with key internal stakeholders, specifically executives, technology, risk management, legal, audit and HR management teams to create a shared sense of purpose and positive working culture.
    • Liaise with external stakeholders, such as law enforcement, external auditors, advisory bodies, institutional clients, and business partners, as necessary, to ensure that the business maintains a resilient posture and promptly adjusts controls in line with emerging threats.

    Strategy Execution

    • Develop and deliver a high-impact cyber resilience strategy that is measurable, scalable, and advances strategic business goals.
    • Ensure the business maintains a robust enterprise security architecture framework, ensuring that new systems are secure by design, fault-tolerant and architected in-line with industry reference standards.
    • Actively collaborate with the Group CISO and their leadership team to identify opportunities to integrate local capabilities with the Group, ensuring consistency and strategic alignment.
    • Negotiate vendor contracts to ensure the business invests in cost-effective and highly scalable solutions.
    • Maintain a lean and effective cyber security team through ongoing mentorship, training, and maintaining a fine balance between outsourced and insourced capabilities.
    • Stay abreast with key cyber security threats and regulatory changes and work with relevant stakeholders to adapt the cyber security strategy accordingly.

    Incident Response

    • Lead incident response, ensuring prompt containment, assessment, and remediation of key incidents. Conduct root cause analysis and implement corrective actions to prevent recurrence.
    • Lead executive/board cyber crisis response simulations and drive the remediation of key issues identified.

    Security Operations

    • Work with outsourced providers and internal teams to ensure the business maintains a highly tuned and effective 24/7 security operations centre that prioritises threats on the business's most valuable digital assets.
    • Ensure the technology team and outsourced vendors maintain effective cyber security operational hygiene, including access management, backups, vulnerability management, patching and systems hardening.

    Your skills & experience

    • 10+ years of IT work experience, with at least 6+ years in leadership position overseeing cyber security teams or key projects and influencing decision makers.
    • Proven leadership skills and the ability to work effectively with stakeholders, financial management, leading teams and executing complex change.
    • Exceptional communications skills, with the ability to communicate with staff at various levels, both technical and clear business terms, regarding complex strategic projects.

    Your role competencies

    • Strong communication skills
    • Resourceful, self-starter/driven
    • Resilient
    • Pragmatic
    • Good judgment and the highest integrity and ethics
    • Collaborative
    • Good attention to detail
    • Flexible

    Your qualifications

    • Bachelor or masters degree in Cyber Security, Information Security, or a related field (or equivalent experience).
    • Industry certifications such as CISSP, CISM, CISA, or other relevant certifications.
  • Coles Supermarkets

    Security, Risk

    3 days ago

    Coles Supermarkets Hawthorn East, Australia

    We've been trusted to serve Aussie communities since 1914 and grown to become a top 30-listed on the ASX with 120,000 team members and a portfolio of iconic brands. At Coles Group, you'll not only get to make a difference to millions of Aussie lives—you'll also get to see your im ...

  • Talent International

    Security Risk Analyst

    1 week ago

    Talent International Melbourne, Australia

    australia melbourne permanent great team, cbd/wfh hybridThis high-profile University are currently seeking an experienced IT Security Risk Analyst to take responsibility for driving IT risk initiatives within the Portfolio and Planning team. You will collaborate with the IT leade ...

  • Davidson Group Services

    Security Risk Analyst

    5 days ago

    Davidson Group Services Melbourne City Centre, Australia

    **Join Our Clients Team as a Technology and Information Security Risk Consultant** · Are you ready to take on a pivotal role in shaping the future of risk management within our Program Delivery Practice? We are seeking a dynamic and experienced Technology and Information Security ...

  • Department of Education

    Security Risk and Compliance Manager

    12 hours ago

    Department of Education Melbourne, Australia

    Location: Melbourne | CBD · Job type: Full time · Organisation: Department of Education · **Salary**: $130,673 - $174,869 · Occupation: IT and Telecommunications · Reference: VG/DE/FPIS/ I · Security Risk and Compliance Manager · **Security Risk and Compliance Manager** VPS6 Ongo ...

  • Department of Education

    Security Risk and Compliance Manager

    1 week ago

    Department of Education Melbourne City Centre, Australia

    Security Risk and Compliance Manager VPS6 Ongoing PN · Enjoy a career that makes a difference by helping to shape the education experience for Victoria. · - Be part of a vibrant Department culture with a strong sense of community and inclusion. · - Join the Education State. · - ...

  • Department of Education

    Security Risk and Compliance Manager

    1 week ago

    Department of Education Melbourne, Australia

    Location: Melbourne | CBD · Job type: Full time · Organisation: Department of Education · **Salary**: $130,673 - $174,869 · Occupation: IT and Telecommunications · Reference: VG/ · Security Risk and Compliance Manager VPS6 Ongoing, Full Time position · **Security Risk and Compli ...

  • Talent International

    Security Risk and Assurance Manager

    1 day ago

    Talent International Melbourne, Australia

    **Job Details**: · **Location** · Melbourne · **Salary** · Negotiable · **Job Type** · Full Time · **Ref** · BBBH101942_ · **Contact** · Donal McCann · **Posted** · about 1 hour ago · - CBD Location - Hybrid Working Arrangement · - Establish Security, Risk and oversee cyber risk ...

  • Department of Education

    Security Risk and Compliance Manager

    12 hours ago

    Department of Education Melbourne City Centre, Australia

    Security Risk and Compliance Manager VPS6 Ongoing PN · Enjoy a career that makes a difference by helping to shape the education experience for Victoria. · - Be part of a vibrant Department culture with a strong sense of community and inclusion. · - Join the Education State. · - ...

  • Talent International

    Security Risk and Compliance Manager

    4 days ago

    Talent International Melbourne, Australia

    australia melbourne permanent negotiable- Permanent Position - Government Agency · - CBD Location - Hybrid Working Environment · - VPS6 - $130, ,869 + super · **The role**: · Our Victorian Government client is seeking a highly skilled and motivated Security Risk and Assurance Man ...

  • Ramsay Health Care

    Information Security Governance and Risk Analyst

    1 week ago

    Ramsay Health Care Melbourne, Australia

    Entrepreneurial, optimistic and energetic, **Ramsay leaders have a** **vision to become a leader in digital health care**. · This is a permanent full-time opportunity to join the Cyber Security team with the ability to be based in either Sydney, Melbourne, Brisbane or Perth, with ...

  • Talent International

    Security Risk and Compliance Manager

    5 days ago

    Talent International Melbourne, Australia Full time

    Permanent Position – Government Agency · CBD Location – Hybrid Working Environment · VPS6 – $130,673 – 174,869 + super · The role: · Our Victorian Government client is seeking a highly skilled and motivated Security Risk and Assurance Manager to join their Information Management ...

  • State Of Victoria

    Security Risk And Compliance Manager

    1 week ago

    State Of Victoria Melbourne, Australia Full time

    Security Risk and Compliance Manager VPS6 Ongoing, Full Time position · Security Risk and Compliance ManagerVPS6 Ongoing PN · Enjoy a career that makes a difference by helping to shape the education experience for Victoria. · Be part of a vibrant Department culture with a strong ...

  • KPMG

    Information Security Risk Analyst

    4 days ago

    KPMG Melbourne, Australia Full time

    Immerse yourself in our inclusive, diverse and supportive culture · Choose the way you want to work by embracing our flexible work arrangement · Collaborate with sector and technical experts to grow your knowledge and network · KPMG Australia is part of a global network providing ...

  • KPMG

    Information Security Risk Analyst

    4 days ago

    KPMG Victoria, Australia Full time

    Job Description · Immerse yourself in our inclusive, diverse and supportive culture · Choose the way you want to work by embracing our flexible work arrangement · Collaborate with sector and technical experts to grow your knowledge and network · KPMG Australia is part of a global ...

  • State Government Of Victoria, Australia

    Security Risk And Compliance Manager

    12 hours ago

    State Government Of Victoria, Australia Melbourne, Australia Full time

    Security Risk and Compliance Manager (VPSG6)Job posted:07/05/2024 · Security Risk and Compliance Manager VPS6 Ongoing, Full Time position · Security Risk and Compliance ManagerVPS6 Ongoing PN · Enjoy a career that makes a difference by helping to shape the education experience f ...

  • Department of Education

    Security Risk and Compliance Manager

    4 days ago

    Department of Education Melbourne, Australia Full time

    Security Risk and Compliance Manager VPS6 Ongoing, Full Time position · Security Risk and Compliance Manager VPS6 Ongoing PN · Enjoy a career that makes a difference by helping to shape the education experience for Victoria. · Be part of a vibrant Department culture with a stron ...

  • Staffx Pty Ltd

    Governance, Risk, and Compliance Analyst

    1 day ago

    Staffx Pty Ltd Melbourne, Australia

    **About the Company** · This IT Services and IT Consulting company is an Australian company that has core competencies in banking and financial services. They work with leading and local companies across the APAC region. · Their highly skilled, talented IT specialists are experts ...

  • Strata Results Recruitment

    Cyber Security Specialist

    1 week ago

    Strata Results Recruitment Melbourne, Australia

    Location: Mount Waverly, Melbourne · - Excellent Salary Package · - Immediate Start · **Position Purpose** · The Cyber security specialist is responsible for supporting company's cyber security program by providing security architecture services, security technology support and e ...

  • Torch Professional Services Pty Ltd

    Security and Platform Specialist

    1 day ago

    Torch Professional Services Pty Ltd Melbourne, Australia

    Senior role within the security team · - Hybrid Working environment · - Key opportunity to make an impact · **Senior Security Operations and Platform Specialist - 12-month contract** · Reporting into the Information Security Manager your role will be to advise on day-to-day oper ...

  • Experis

    Cyber Risk and Assurance Manager

    5 days ago

    Experis Melbourne, Australia

    Shape the security strategy for a renowed educational instituate. · - Permanent opportunity with a competive salary package · - Hybrid work arrangement - Footscray Office · As the Cyber Risk and Assurance Manager you will lead cybersecurity governance, risk, compliance, and assur ...