Posted: 18 days ago
The Information Security Risk & Governance Specialist is responsible for implementing and running an Information Security Management System (ISMS). The ISMS is the key process by which this company will make decisions about security investment and demonstrate ongoing compliance with the cyber security obligations laid out by legislation and the regulator, as required.
Working in the Information Security Policy and Governance Team, the role will provide support to the other specialist roles involving audits and collection of evidence, but also in the production of risk and maturity assessments.
About the role:
- Seek and maintain productive relationships with relevant business stakeholders to ensure internal and external customer centricity drives all decision making.
- Work with the broader Information Security Team to raise the maturity of Information Security.
- Fulfil the role of subject matter expert on the ISO 27000 family of standards and the NIST Cyber Security Framework.
- Ongoing maintenance and remediation activities as needed
- Build and maintain the Information Security Management System portal to ensure that all policies, metrics, logs and other items relevant to ISO 27001 are easily accessible from a single location.
- Ensure activities that meet and maintain compliance with the Information Security Management System are being followed.
- Assure the health and effectiveness of Information Security controls
- Ensure the business completes quarterly reviews of IS program maturity (via the NIST CSF methodology) and maintain the internal Information Security Risk Register.
- Manage the annual audit for ISO 27001 compliance:
- Prepare for and execute annual PCI DSS audit
- If required, engage auditor; plan and negotiate commercials, timelines and scope for audit; coordinate resources required for audit; act as point of contact, escort and liaise with assessor during audit.
- In addition, there will be an expectation that this role will support various compliance components specific to the client's industry.
- Excellent written and verbal skills with the ability to communicate complex thoughts and ideas clearly
- Experience in consulting and client-facing roles
- Strong work ethic and ability to lead by example
- High-level understanding of technical infrastructure and networking
- Ability to work with differing stakeholders including external vendors
- Strong time management skills which allow for multi-tasking whilst managing shifting priorities.
- Highly developed interpersonal skills
- Strong problem-solving and analytical skills
- A thorough understanding of the project/system development lifecycle
Working as the Information Security Risk & Governance Specialist, you will be given the opportunity to be involved with an award-winning brand and to work within a group who are focused on being the best in the market. Outstanding company perks, working from home options and amazing team support.
To apply, click the link and upload your current resume in Microsoft Word format only (.doc or .docx). If you would like to have a confidential discussion, please contact Rell Werner on 0488 622 644, quoting ref no. JO-2104-103861. Want to know more about Davidson?
Visit us at www.davidsonwp.com