Dates
- Opening Date: 15-Aug-2024
- Closing Date: 12-Sep-2024
Location
- Parkville, Victoria, Australia
Salary
- UOM 10 – $149,670 p.a. plus 17% super
Responsibilities
- Lead cybersecurity efforts for the Australian BioCommons, ensuring the secure protection of sensitive data in biomedical and environmental research.
- Drive impactful cybersecurity initiatives, working with a diverse national team and cutting-edge technologies to secure vital health and environmental data platforms.
- Develop and define incident response procedures, working with developers and technical teams on their implementation.
- Inform and influence code development processes, system design and cloud architecture and CI/CD deployment pipelines.
- Collaborate closely with the technical team on security operations, and ensure adherence to procedures.
- Make recommendations on AWS cloud deployment and architectures to align and comply with the required quality and security frameworks.
Requirements
- A related Bachelor degree or equivalent TAFE certification (Information Technology, Cyber Security etc) OR minimum 5 years experience working in Cyber Security.
- Hands-on experience in design and operating various security technologies/solutions.
- Experiences in designing and implementing required security controls in hybrid environments to align with industry standards.
- Strong communication skills, with the ability to effectively convey complex technical security issues to stakeholders.
- Collaborative approach and hands-on experience with security technologies, and a deep understanding of security policies, risk management, and industry standards, including ISO 27001 and HIPAA regulations.
Benefits
- Salary packaging
- Subsidised health and wellbeing services
- Fitness and cultural clubs
- Myki discounts
- 25% discount on graduate courses for staff and their immediate families
- Generous leave provisions.
Notes
- This role requires that the successful candidate must undergo and maintain an up-to-date Working with Children Check.
- Visa sponsorship is not available for this position. This role requires current valid work rights for Australia.
Cyber Security Assurance Analyst
The University of New South Wales (UNSW Sydney) UNSW Kensington Campus, Sydney, NSW
Dates
- Opening Date: 25-Sep-2024
- Closing Date: 08-Oct-2024
Location
- UNSW Kensington Campus, Sydney, NSW
Salary
- Starting Salary $110,073 plus generous superannuation
Responsibilities
- Support the maintenance and operational delivery of cyber security controls assurance services designed to assess whether minimum defensible and enhanced controls are operating effectively and consistently.
- Conduct regular reviews, audits and assessments to evaluate the design and operational effectiveness of internal cyber security controls defined in scope of controls assurance.
- Ensure controls effectiveness tests are performed, such as vulnerability scanning, penetration testing, and control testing, etc., to validate the effectiveness of controls.
- Identify and analyse potential vulnerabilities, threats, and risks to UNSW's assets and determine if the controls are in place to adequately address them.
- Engage with key stakeholders in responding to queries associated with controls stipulated in Cyber Security Standard.
- Ensure the registration (on Cyber Security GRC platform) of the risks identified from controls assurance activities.
- Ensure that the identified risks, threats, and control effectiveness ratings are entered into UNSW’s Cyber Security TRA (Threat and Risk Assessment) platform.
- Support the reporting of assurance to management and stakeholders that the implemented controls are appropriately designed, implemented, and operating effectively to protect UNSW's information assets.
- Administer, and support the operational delivery of metrics reporting using metrics dashboard.
- Maintain accurate records of control assessments, findings, and remediation actions.
- Any other duties commensurate with this position and as required by the Cyber Security Assurance Manager.
- Align with and actively demonstrate the UNSW Values in Action: Our Behaviours and the UNSW Code of Conduct.
- Cooperate with all health and safety policies and procedures of the university and take all reasonable care to ensure that your actions or omissions do not impact on the health and safety of yourself or others.
Requirements
- A relevant tertiary qualification with subsequent relevant experience or an equivalent level of knowledge gained through any other combination of education, training and/or experience.
- A minimum of 1-3 years of experience in cyber security governance, compliance, risk management or cyber security operations within major organisations.
- Foundational understanding of control assurance testing/auditing/identity and access management principles and knowledge of cybersecurity principles and practices.
- Knowledge of industry-wide security standards and compliance frameworks such as ISO/IEC 27001, NIST CSF, COBIT 5 etc.
- Relevant industry certification(s) such as CSX, CRISC, ISO/IEC 27001 Lead Implementer/Auditor, AWS, Google, Microsoft Technology (highly desirable).
- Ability to present with credibility and translate technical and complex information concisely for diverse audiences using strong analytical and problem-solving skills.
- Strong negotiation and influencing skills to effectively manage key stakeholders, build robust relationships and work with a diverse set of business and technology people across the university and third-party vendors.
- Demonstrated high level of personal motivation, resilience, and ability to work effectively individually or in teams.
- An understanding of and commitment to UNSW’s aims, objectives and values in action, together with relevant policies and guidelines.
- Knowledge of health and safety responsibilities and commitment to attending relevant health and safety training.
Benefits
- Flexible hybrid working
- Additional 3 days of leave over the Christmas Period
- Access to lifelong learning and career development
- Progressive HR practices
- Discounts and entitlements
Notes
- The University reserves the right not to proceed with any appointment.
Deputy Chief Information Security Officer (Deputy CISO)
The University of New South Wales (UNSW Sydney) UNSW Kensington Campus, Sydney, NSW
Dates
- Opening Date: 27-Sep-2024
- Closing Date: 10-Oct-2024
Location
- UNSW Kensington Campus, Sydney, NSW
Salary
- Excellent salary package
Responsibilities
- Collaborate with the CISO to define and execute the cyber security vision, strategy, and roadmap.
- Lead the development and implementation of the cyber security risk management framework.
- Lead the definition and implementation of a cyber security engagement, risk awareness and training program.
- Lead the coordination of cyber security objectives with related University delivery functions, including but not limited to: Technology service delivery functions; Legal and Privacy; Records Management; Procurement; Learning & Development; Data Management and Governance; Enterprise Risk Management; Research Infrastructure; International Engagement & National Security; Conduct & Integrity; Recruitment.
- Manage the day-to-day operations (including budgetary management, and financial approvals in line with delegation) of the following cyber security functions: strategy; governance; architecture; risk advisory; engagement and awareness; risk management; compliance; controls assurance and testing.
- Manage the cyber security governance arrangements associated with the University’s ISO/IEC 27001 certification.
- Manage the cyber security function’s risk and control measurement and reporting obligations.
- Oversee and develop relationships with external partners, vendors, and regulatory bodies.
- Manage the Cyber Security function’s participation in relevant audits, assessments, and compliance activities.
- Deputise for the CISO by agreement.
- Represent UNSW in industry forums to provide thought leadership across the sector.
- Align with and actively demonstrate the Code of Conduct and Values.
- Ensure hazards and risks psychosocial and physical are identified and controlled for tasks, projects, and activities that pose a health and safety risk within your area of responsibility.
Requirements
- Bachelor’s degree in Cyber Security, Computer Science, Information Technology, or a related field with extensive experience in a senior cyber security leadership role.
- Significant experience in formulating and implementing cyber-security strategy in complex organisations.
- Significant experience in managing delivery of cyber security services in a complex organisation.
- Excellent written and verbal communication skills.
- Strong knowledge of cyber security, IT service management and technology architecture frameworks (e.g., NIST, ISO 27001, COBIT, ITIL, TOGAF).
- Strong analytical and problem-solving abilities, with a keen attention to detail.
- Strong interpersonal, communication and negotiation skills including ability to develop effective relationships and influence key stakeholders at all levels in the organisation.
- Demonstrated high level of personal motivation, resilience, and ability to work effectively individually or in teams.
- Detailed understanding of cyber security risks in the context of cloud security and emerging technologies.
- CISSP, CISM, or other relevant certifications.
- An understanding of and commitment to UNSW’s aims, objectives, and values in action, together with relevant policies and guidelines.
- Knowledge of health and safety responsibilities and commitment to attending relevant health and safety training.
Benefits
- Flexible hybrid working
- Additional 3 days of leave over the Christmas Period
- Access to lifelong learning and career development
- Progressive HR practices
- Discounts and entitlements
Notes
- The University reserves the right not to proceed with any appointment.