Senior Cyber Security Advice and Assessment Specialist

Location: SYDNEY, NSW

Salary: Not Specified

Job Type: Permanent position | Full time position

• Managing data security & privacy requirements of clients based in Australia using best practice
• Working as a Data Security and Privacy SME to deliver and design solutions related to Information Security Governance & Strategy, Information Security & Privacy and Risk & Compliance frameworks.
• Skilled in managing multiple tasks, identifying problems at early stages, and developing successful problem resolutions
• Consulting and Advisory experience with client leadership and senior management across industries, understanding their business priorities and helping organisations create effective Information security strategies and data protection capabilities.
• Investigate additional technologies and tools for developing innovative Cyber Security strategies
• Lead independent risk assessments and challenge the design and effectiveness of controls with a willingness to conduct hands-on analysis
• and assessments and lead gap assessments per laws, regulations, and emerging trends
• Design and implement metrics to identify and report risks
• Ability to handle and resolve conflicts, achieve results, and enact widescale impact across the organisation.
• Evaluate and support the delivery of business solutions that align with customer information security policies, standards, and best practices and Implement and execute the security evaluation processes and techniques and leverage security technologies as a risk management tool to help the business
• meet and exceed business objectives.
• Evaluate the current posture of Information Security for specific clients and provide consultancy to help them comply with that customer's Data Security & Privacy Framework
• Reviewing Master Service Contracts, SoW, DoU and third-party agreements to understand the client security requirements
• Developing Security Plan and various Operating Procedure documents for individual clients to help them comply with the Data Security & Privacy Framework
• Perform Risk assessment and prepare Risk Management Documents for Clients and advise them about appropriate mitigating controls
• Reviewing Access Control List and Separation of Duties document to check / suggest if the conflicting roles are provided appropriate mitigating controls
• Mentoring a team of consultants, helping them to achieve client satisfaction
• Handle escalations on behalf of mentees.

Support mentees during client audits

• Perform Spot checks/audits and report findings to the senior management
• Track and ensure open audit findings are closed within designated timeframes by reporting and escalating issues to Project Managers and Executives
• Interpret technical security findings to a non-technical audience and assist in coaching the audience to close or mitigate findings
• Develop reports to show the status of audits, open findings, escalations, and data analysis
• Developing and delivering training content for all employees regarding the Standards and compliance with privacy laws
• Ensuring effective corrective actions as identified during the internal audit, is taken by the departments
• Coordinating periodic management review meetings
• Collaborating with and providing leadership to global cross-functional teams regarding privacy and data security standards compliance
• Managing internal and external audits of compliance with privacy and data security requirements
• For any breach of information security event and/or incident that comes to your attention, you will work together with the Global IT Manager to establish a corrective action plan and implement it to reduce such risks.

The ideal candidate will be part of a Cyber Security/Data team responsible for ensuring that Best Practice is used and executed in a manner that results in the overall offering being considered best in breed in the market and that the customer journey is simple and efficient with minimal impact on operations.