Cyber Security Consultant - Sydney, Australia - M&T Resources

M&T Resources

Verified Company

Sydney, Australia

2 weeks ago

Posted by:

Olivia Brown

beBee Recruiter

Description

Sydney

IT & Telecomms
IT Security

Deep knowledge of cybersecurity and protection technologies
Strong Knowledge of ISO27001/2, NIST CSF, CIS standards.
Strong understanding of Cloud Security and IAM

The individual must possess a working knowledge of current and developing security threats, strong understanding of risk management in a cloud led environment.

Also need a strong foundational understanding of infrastructure security, Software delivery life cycle and developing cyber security policies.

They will work closely with management, other team members, and operation teams to ensure data protection for systems.

It is expected that this role will focus 50% effort on risk management responsibilities and remaining 50% on information security policy development and architecture development.

Working as an Information Security Specialist, the role will:

Perform Security Risk Assessments (SRA)
Security Architecture development and review
Cyber Security Policy development review and update
Certify new network platforms (projects) to be compliant with the set of regulatory/mandated security obligations
Advise projects on the optimal course of remediation by analysing the results of the penetration test, source code assessment and the vulnerability scan.
Provide guidance on the issue remediation
Raise security exception requests if required
Consulting on Security Requirement and Compliance for Networks
Advising on Security Design for Networks solutions

The individual must possess:

Deep knowledge of cybersecurity and protection technologies
Strong Knowledge of ISO27001/2, NIST CSF, CIS standards.
Strong understanding of Cloud Security
Having delivered key security programs
Working knowledge of current and emerging security
Strong understanding of Identity and Access Management
In depth knowledge of risks assessment process;
Ability to understand the penetration test reports, vulnerability scan reports (Nessus) and source code assessment reports (HP Fortify);
Strong research and recommendation skills
Good skills in preparing and presenting management reports
Experience in a telecommunication or cloud environment is preferred

Key Result Areas Required Outputs/ KPIs Measurement Method

Privacy Compliance and development:

Identify cyber security risks and recommend appropriate controls and initiatives across many projects.
Contribute to the development of sustainable and repeatable securitybydesign program,
Review policies and procedures relating to security, privacy, and data protection.
Support incident management framework and recommend appropriate controls to contain (and mitigate) potential technical vulnerabilities.
Act as principal privacy champion demonstrating adherence to internal policies and procedures.

Policy deviations

Review the security policies, procedures and standards
Identify and communicate security noncompliances and vulnerabilities that could impact business operations.
Assess, document and communicate risks in context with business operations.
Develop and communicate remediation plans capable of reducing risk to the organization.
Assist business owners with prioritizing risks and consulting users on adequate compensating controls to reduce risks.
The policy deviations are documented as per standard
The SLAs are tracked and followed

Control Compliance - Evaluate security controls and ensure they are effective in mitigating risks