Description:
An opportunity is available for a Cyber Security Manager to work for a Financial Services company in Melbourne. This is a hands on security operations focused role working in a small team environment and will be accountable for leading the Cyber Security function, delivering on key initiatives of the security roadmap and managing security outsource providers. The role will be responsible for managing the response to incidents, maintaining policies and procedures, implementing security controls, improving relationships with managed service providers and educating staff on cyber security best practices.
- Security Policy and Procedure Development: Establish and enforce security policies, standards, and procedures
- Governance, Risk, and Compliance (GRC): Develop, implement, and manage a comprehensive cybersecurity governance framework. Ensure compliance with industry regulations, internal policies, and best practices. Conduct regular risk assessments and audits to identify vulnerabilities and recommend appropriate mitigation strategies.
- Board Reporting: Prepare and present reports on the organization's cybersecurity posture to the executive management and the Board of Directors. Provide insights into emerging cyber threats, incidents, and remediation efforts. Collaborate with stakeholders to define cybersecurity goals and objectives.
- Incident Response: Lead the incident response team in promptly addressing and mitigating cybersecurity incidents. Investigate security breaches, coordinate with internal and external stakeholders, and develop incident response plans. Implement measures to minimize the impact of incidents and prevent their recurrence.
- Security Controls: Develop and implement effective security controls to protect the organization's information assets. Evaluate and recommend appropriate security technologies, tools, and practices. Stay up to date with the latest cybersecurity trends, threats, and vulnerabilities.
- Vendor Management: Manage relationships with Security Operations Center (SOC) providers and managed service providers. Monitor their performance, ensure adherence to service level agreements (SLAs), and conduct regular assessments of their capabilities. Collaborate with vendors to improve security monitoring and incident response capabilities.
Technical Requirements
- Bachelor's degree in Computer Science, Information Systems, or a related field. Relevant certifications (e.g., CISSP, CISM, CRISC) are highly desirable.
- Proven experience in cybersecurity management within the financial services industry.
- Strong knowledge of governance, risk, and compliance frameworks and their application in a financial services environment.
- In-depth understanding of cybersecurity technologies, including firewalls, intrusion detection/prevention systems, encryption, and vulnerability assessment tools.
- Familiarity with security incident response and recovery procedures, as well as cyber threat intelligence.
- Experience managing vendor relationships and service level agreements.
- Excellent communication and leadership skills, with the ability to effectively collaborate with cross-functional teams.
- Strong analytical and problem-solving abilities, with a keen attention to detail.
- Ability to adapt to a fast-paced environment and manage multiple priorities effectively.