The University of New South Wales (UNSW Sydney)
UNSW Kensington Campus, Sydney, NSW
Closing: 05-Jan-2025
Job Summary
Dates
Opening Date: 15-Oct-2024
Closing Date: 05-Jan-2025
Location
UNSW Kensington Campus, Sydney, NSW
Salary
Excellent salary package including superannuation
Responsibilities
Lead the strategic planning, execution, and continuous improvement of cyber security controls assurance testing, including regular controls effectiveness testing and gap assessments.
Develop and implement a continuous controls assurance testing strategy, with a focus on control monitoring, automation, uplift, and rationalisation.
Oversee and deliver annual controls assurance testing activities, including penetration testing, application security assessments, and red teaming exercises.
Facilitate post-testing assurance by reviewing findings, advising stakeholders, prioritising remediation efforts, and managing closure of actions.
Monitor, track, and ensure timely closure of findings, risks, and associated actions resulting from controls assurance activities, ensuring alignment with the University’s risk appetite.
Develop, collect, and continuously improve cyber security metrics and Key Risk Indicators (KRIs)/Key Control Indicators (KCIs) to measure performance and risk exposure.
Lead the delivery and management of periodic cyber security metrics reporting.
Present insights, information, and recommendations to leadership and stakeholders to inform decision-making and support organizational objectives, and present at quarterly GRC Community of Practice (CoP) and Developer Security CoP meetings to foster collaboration and knowledge sharing across faculties and divisions.
Update and maintain the cyber security risk register with findings from testing, assessments, and performance metrics, ensuring that risks are tracked and mitigated.
Manage audit assurance activities by providing leadership in facilitating the remediation of audit findings, ensuring that identified risks are mitigated in accordance with agreed timelines and corrective actions are successfully implemented.
Lead the maturity and management of Cloud Security Posture Management (CSPM) tools, including tuning, ongoing monitoring, and remediation activities.
Manage the delivery of expert-level source code reviews, including the integration of applications and repositories with security scanning tools like CXOne.
Oversee the management of Checkmarx, ensuring the platform is effectively utilised for source code security scanning and application security assurance.
Oversee crowdsourced security testing / bug bounty programs, ensuring these programs are aligned with security objectives and contribute to continuous improvement in security posture.
Provide strategic cyber security consulting and advisory services to the Cyber Security Enablement Program and other key initiatives across the University, ensuring alignment with governance and compliance standards.
Manage and mentor a team, providing guidance, support, and professional development opportunities to ensure high performance and continuous growth.
Align with and actively demonstrate the Code of Conduct and Values.
Cooperate with all health and safety policies and procedures of the university and take all reasonable care to ensure that your actions or omissions do not impact on the psychosocial or physical health and safety of yourself or others.
Ensure hazards and risks (psychosocial and physical) are identified and controlled for tasks, projects, and activities that pose a health and safety risk within your area of responsibility.
Requirements
Extensive management expertise and supporting experience (7+ years) in cyber security controls assurance, with a proven track record in controls assurance testing, metrics reporting, and audit management.
Strong experience with cyber security assurance tools such as Checkmarx, Lacework, BugCrowd, and similar platforms.
Certifications such as CISSP, CISM, CRISC, CEH, or relevant certifications in security assurance and controls testing are highly desirable.
Demonstrated experience in leading penetration testing, red teaming, application security assessments, and cloud security posture management.
Strong understanding of cyber security metrics, KRIs/KCIs, and their role in managing and communicating risk.
Experience in working with risk registers and driving the remediation of risks and audit findings.
Excellent communication, interpersonal, and leadership skills, with a proven ability to influence and engage stakeholders across all levels.
Strong project management skills, with the ability to manage multiple initiatives simultaneously while maintaining a focus on quality and timelines.
High level of motivation, resilience, and the ability to work both independently and as part of a collaborative team.
Strong analytical and problem-solving skills, with the ability to present complex information clearly and concisely to diverse audiences.
An understanding of and commitment to UNSW’s aims, objectives and values in action, together with relevant policies and guidelines.
Knowledge of health & safety (psychosocial and physical) responsibilities and commitment to attending relevant health and safety training.
Benefits
Flexible hybrid working
Additional 3 days of leave over the Christmas Period
Access to lifelong learning and career development
Progressive HR practices
Discounts and entitlements
Notes
The University reserves the right not to proceed with any appointment.
Provide administrative, communication, and organizational support
Maintain an organized and proper level inventory system for equipment and materials
Continually monitor and maintain the physical count of inventory of supplies and dental materials
Receive, unpack, deliver supplies/equipment; re-stock and return items as necessary
Assist with coordination of instrument, equipment, and handpiece maintenance/repair
Assist with cleaning and organization of the Simulation Clinic and adjacent laboratory space
Investigate problems and seek options for back ordered or out of stock items
Collaborate with ordering parties to ensure proper equipment and supplies are readily available for courses, patient care, and outreach events
Communicate professionally, effectively, and in a timely manner with all faculty, staff, students, guests, and vendors
Maintain a positive, safe, and professional learning environment
Work closely with the Simulation Coordinator for distribution of course materials/supplies and coverage needs in the Simulation Clinic
Maintain confidentiality and handle sensitive information
Maintain current knowledge of University policies and procedures
Perform other duties as assigned
Requirements
High School diploma and any combination of education, training, or experience that provides the required knowledge, skills, and abilities
2 or more years of experience directly related to the duties and responsibilities specified
Computer skills and knowledge and experience with Microsoft Office Suite (Word, Excel, Outlook) and Google Docs
Inventory management software experience is helpful
Knowledge of dental instruments and terminology is preferred
Excellent verbal and written communication skills
Must be able to effectively interact with dental health care professionals, students, faculty, professional staff, vendors, and patients
Ability to represent the college professionally in business communications
Experience with computer, printer, calculator, fax machine, copy machine, and telephone operation
Ability to lift up to 25lbs
Ability to provide excellent customer service and work effectively in a diverse community
Must exhibit a positive attitude and maintain professional demeanor at all times
Must possess the knowledge, skills and abilities, or be able to explain and demonstrate that the individual can perform the essential functions of the job, with or without reasonable accommodation, using some other combination of skills and abilities
Benefits
Health and dental coverage
Generous holiday schedule and PTO
Retirement match
Select position-related continuing education and development
Reduced college tuition for yourself, spouse/partner, and your dependents
Notes
Reporting to the Associate Director of Clinical Affairs
Full-time, 40 hours per week
Employees in clinical settings must meet the State of Maine’s immunization requirements for clinical activity and be medically cleared, fit tested, and trained on proper respirator (N95, Powered Air Purifying Respirator (PAPR)) use.
Consistent with federal and state law and University policy, the University of New England is committed to the fundamental concept of equal opportunity for all of the members of the University community.
The University prohibits, and will not tolerate, discrimination in employment, the provision of academic services or in any other area of University life based on race, color, sex, physical or mental disability, religion, age, ancestry, national origin, sexual orientation, gender identity and/or expression, ethnicity, genetic information, HIV status, or status as a veteran.