Information Security Specialist

The role of an Information Security Specialist is to understand the threat landscape, improve the effectiveness of Epiroc's Cyber Security Program and protect business assets. Identify Information Security risks and required mitigating activities, as well as raising awareness and educating employees and business partners to improve activities related to cyber risk management.

The role - What are the main tasks and responsibilities of this job?

• Serve as the primary point of contact between the business units in Australia and the central cybersecurity team, ensuring clear communication and understanding of security initiatives, policies, and concerns
• Participate in the Security Awareness Training area
• Participate in risk assessments to reduce risk and security exposure for Epiroc
• Communicate risk assessment findings and provide risk remediation guidance
• Identify opportunities to improve risk posture and give advice for risk mitigation
• Participate in developing the Information Security Management System (ISMS)
• Participate in developing and delivering Supply Chain security assessments
• Manage information security projects
• Assist in M&A Activities to evaluate information security requirements
• Participate in improving Information Ownership & Classification
• Assist in developing intellectual property Asset Management
• Supporting the business in creating Business Impact Analyses
• Business Continuity support
• Participate in improving our Threat Intelligence
• Participate in monitoring & reporting information security KPIs
• Liaise with the IT Security team

Competences, skills and experience - What critical competences, skills and experience are required for a candidate to be successful in this position?

• Excellent analytical skills
• Bachelor's degree in business information systems, Cybersecurity, Computer Science, or a related field, or equivalent work experience
• At least 3-5 years' experience in the field
• Knowledge of regulatory compliance, including information security management frameworks (e.g., ISF Standard of Good Practice, NIST CSF, ISO2700x, Essential Eight, SANS Top 20 Critical Security Controls, SOX, COBIT), preferred
• Security certifications such as CISSP, CISA or CISM is a plus
• High level of both verbal and written English. Additional languages are a plus

Behaviors – What would be successful behaviors for this position?

• Excellent communication skills, presentation skills and business understanding
• The ability to translate technical language into business terms and vice versa
• The ability to work independently, establish plans, report status and deliver according to plan

Why should applicants choose to work in this position and within this department?

• Epiroc has a relatively new Information Security function that develops and improves the information security within Epiroc. This is a great opportunity to be part of building a function and creating new ways of working - not just administering existing structures.
• As an Information Security Specialist, you will be part of the central Information Security organization with the objective of supporting the whole Epiroc organization and also to reduce risk and security exposures across the Epiroc Group.

It all starts with people. The world needs metals and minerals for the energy transition and our cities and infrastructure must be developed to serve a growing population. To succeed, we need to speed up the shift towards more sustainable mining and construction industries. We at Epiroc accelerate this transformation, together with customers and business partners in more than 150 countries, by developing and providing innovative and safe equipment, digital solutions, and aftermarket support.

All new thinkers are welcome. We are looking for those who want to develop, grow, and dare to think new. In Epiroc we attract, develop, and retain diverse talent valuing authenticity and unique perspectives, driving our spirit of innovation. We foster an inclusive culture where diversity isn't just a goal but a part of our values and way of working. This is how we do business for a sustainable future. Learn more at www.epiroc.com