Job Description:

• A minimum of 10 years of experience in cyber security roles within major organisations, focusing on management of governance, risk, and compliance.
• Relevant industry certification(s) such as CISSP, CISM, CRISC, CISA, ISO/IEC 27001 Lead Implementer/Auditor and/or relevant industry experience
• Comprehensive understanding of industry-wide security standards and compliance frameworks such as ISO/IEC 27001, NIST, PCI DSS, HIPAA, GDPR etc.
• Significant experience in the development and implementation of information security management systems, policies, and standards.
• Significant experience in the development and implementation of security control assurance programs.
• Significant experience in the development and implementation of supply chain risk assessment frameworks.
• Demonstrated familiarity with contemporary security technologies and products.

Specific accountabilities for this role include:

· Support the delivery and continuous improvement of the Information Security Management System (ISMS), including governance policies, standards, and processes, to ensure that cyber security risks are appropriately managed.

· Conduct Cyber security self-assessment and controls assurance exercises designed to assess whether key controls are operating effectively and consistently, including auditing of internal cyber security controls and assessment of 3rd party/supply chain risk exposure.

· Undertake Cyber security risk advisory or strategy services designed to identify, evaluate, report on, and remediate cyber security risk.

· Cyber security risk management and reporting.