Skip to content


Melbourne, Melbourne - AUD Permanent Posted: Thursday, 12 September 2019
About the role: We are looking for a Cyber Risk and Governance Specialist to join our growing Cyber Security team. You will be responsible for ensuring the design and operating effectiveness of security controls, performing security risk assessments and consulting engagements across Interactive's internal business and customer environments. Your key responsibilities include:

Information security program management aligned with ISO27001
Tracking the security compliance program including risks, vulnerabilities and remediation plans
Security policy and process development to meet security objectives
Conducting internal and third-party security audits
Creating and presenting security governance reports to executive stakeholders
Raising security awareness within the organization and helping all stakeholders understand their responsibilities
Presenting Interactive security controls to auditors
Performing security risk assessments in consulting engagements for Interactive customers

To be successful in this role, you will have:

A strong desire to learn and drive improvement across the business
Strong knowledge of security control frameworks including ISO27001, NIST 800-53, Australian Signals Directorate Top 35, PCI-DSS
Strong knowledge of security risk management frameworks including ISO27005 and NIST 800-30
Working knowledge of IT security controls associated with security systems, including but not limited to: Firewalls, IDS/IPS, Mail and Web Security, SIEM, DLP, anti-malware, host-based security, anti-malware, vulnerability management, mobile device security
Threat modelling experience
Exceptional report writing and written skills
The ability to present to executives

In addition, the following experience is not essential, but nice to have:

Experience working in a customer-facing environment;
Experience in security consulting and interfacing with third-party auditors;
Experience in managed services environments and security consulting;
Experience applying APRA information security guidelines;
Experience managing security incidents

Melbourne, Melbourne, Australia
12/09/2019 10:10:12 AM

We strongly recommend that you should never provide your bank account details to an advertiser during the job application process. Should you receive a request of this nature please contact support giving the advertiser's name and job reference.