We are seeking a highly skilled and experienced Cyber Security Specialist to join our client's team through Acme Services. This pivotal role is responsible for ensuring business compliance with internal cybersecurity frameworks, managing security certifications, and leading risk assessments. The ideal candidate will have 5+ years of experience in large organizations, a strong understanding of risk and governance, incident management, and relevant industry frameworks like ACSC Essential 8, ISM, NIST, and ISO 27001. You will play a crucial role in enhancing our client's security posture and providing expert guidance across the business.
Key Responsibilities
- Compliance & Certification Management: Ensure business compliance in line with internal cyber security frameworks and standards. Maintain the company's current security certifications and review and update relevant policies across the business required for various certifications.
- Risk Management: Perform thorough Risk Assessments, advise teams and clients of identified risks, and negotiate effective treatment plans. Evaluate IT risks focused on cyber security.
- Incident Response: Coordinate response and remediation efforts for Cyber Security incidents, ensuring timely and effective resolution.
- Continuous Improvement: Support the continuous improvement of information security services and align the maturity of services against industry practices and business requirements.
- Threat Intelligence & Guidance: Maintain a deep understanding of information security trends and threat intelligence, ensuring threats and controls are well understood across the organization. Provide expert guidance and support to team members and business units on cyber security best practices.
Requirements
- Tertiary Education, or other relevant qualifications.
- 5+ years of experience working with large organizations such as IT Consulting, Professional Services, or Government.
- Strong understanding of Risk and Governance, Cyber Security Incident Management, Audit and Compliance, Policy, Cloud technologies, and Application Security.
- In-depth understanding of risk management principles, and the application of risk assessment processes to Information Security.
- Demonstrated experience with applying information security principles, standards, and frameworks, including Australian Cyber Security Centre (ACSC) Essential 8 & Information Security Manual (ISM), and other applicable frameworks such as NIST and ISO 27001.
- Ability to learn new product updates and technologies rapidly.
- Industry certifications such as CISSP / CCSP / CISM / CISA / CRISC are highly desirable.
- Excellent written, verbal, and interpersonal skills, with a high level of accuracy and attention to detail.
