Head of IT Security
City of Darebin
Security (Information & Communication Technology)
An NFP in the northern suburbs has an opportunity for a Head of IT Security to join the organisation and lead the security function. The successful candidate will play a crucial role in ensuring the security and integrity of the organization's IT systems and data.
Key Responsibilities:
Develop, implement, and maintain IT security policies, procedures, and protocols in accordance with ISO 27001 standards.
Lead the Right Fit For Risk Program and be accountable for driving success and maintaining accreditation.
Develop and execute the Group's information security strategy, policies, and procedures to safeguard digital assets, data, and infrastructure.
Lead and manage a small team of cybersecurity professionals to effectively implement security measures and protocols.
Conduct risk assessments and vulnerability analyses to identify potential security threats and weaknesses and develop mitigation plans.
Stay abreast of the latest cybersecurity trends, threats, and technologies to continually enhance the organisation's security posture.
Collaborate with the business and all departments, such as IT, legal, property and risk, to ensure alignment of security initiatives with business objectives and regulatory requirements.
Oversee the implementation of security controls, such as access controls, encryption, and intrusion detection systems, to prevent unauthorised access and data breaches.
Develop and implement incident response plans to effectively respond to and mitigate security incidents and breaches.
Contribute to business continuity and disaster recovery planning to ensure it is effective.
Oversee cyber supply chain risk management activities, collaborating with Legal, Procurement and the business to ensure compliance.
Manage and maintain policies relevant to IT Security.
Provide regular reports and updates to senior management and stakeholders on the Group's security posture, including key metrics and emerging threats.
Lead cybersecurity awareness and training programs to educate employees on best practices for security hygiene and compliance.
Foster a culture of security awareness and accountability throughout the group, promoting a proactive approach to cybersecurity.
Key Skills and Qualifications:
8 to 10 years in information security with 5+ years in a leadership role.
Strong technical background in IT security, with a deep understanding of security principles, technologies, and best practices.
Proven experience in maintaining ISO 27001 certification and implementing related security frameworks.
Strong knowledge of regulatory requirements, such as GDPR, HIPAA, and PCI DSS.
Familiarity with the Australian Government's Protective Security Policy Framework (PSPF) and Information Security Manual (ISM).
Hands-on IT security background with an understanding of penetration testing.
Excellent communication and interpersonal skills, with the ability to effectively liaise with internal and external stakeholders at all levels.
Strong leadership and decision-making abilities, with a focus on driving results and achieving organizational objectives.
Relevant certifications such as CISSP, CISM, or equivalent.
Flexible work requirements, happy with 1 or 2 days per week in the office for the right candidates (or more if desired).
Please apply for immediate consideration or call Liz on 0414214325 for a confidential discussion.