Cyber Grc

Flexible work arrangement - Hybrid
- Awarded Best place to work for women in Security 2022.
- Brisbane, Sydney, Melbourne or Adelaide based

**Delivering good energy starts from within**

It’s an exciting time to join Origin. Creating a great place to work means together we’re progressing our ambition to lead the energy transition through cleaner energy and customer solutions. We’re always looking for better ways to deliver for our customers - and for our people.

**About the role**:
This role is responsible for the management of Cyber Risk Management and Security awareness programs across Origin. This includes working with technology and business units to identify and assess cyber security risks, report on these risk trends and management, plan and lead control assurance activities.

**Why this role matters?**
- Implement cyber security risk governance activities across Origin in line with Origin’s risk appetite. The purpose of this activity to is to ensure appropriate identification, assessment, reporting and governance of security risks and controls to management. This includes providing adequate and timely reporting of risks and status to stakeholders and various risk committees.
- Develop and execute 2nd line assurance activities over cyber security controls.
- Develop the overall security awareness plan based on key cyber threats and risks, and coordinates the required activities with the relevant contributors and stakeholders.
- Ownership and continuous improvement of internal processes and business decisions by performing cyber risk identification, analysis, and assessment in a pragmatic manner.
- Facilitate risk workshops with Business and Technology stakeholders to identify and document detailed security risk assessments.
- Identify and manage the legal or regulatory cyber related requirements that may impact Origin (e.g SOCI) and prioritise with the relevant stakeholders for action.
- Coordinate AES-CSF compliance attestation.
- Translate technical risks, vulnerabilities, and deficiencies in business appropriate language for consumption by business stakeholders and communicate recommendations to senior stakeholders.
- Schedule, plan and execute second line risk and control assurance programs over the design and effectiveness of key cyber controls.
- Maintain security key controls library.
- Regular reporting to management on cyber security risks and issues.

**What will you bring?**

You will have a degree in IT, Security, Risk, Engineering, Software Development, Architecture or Design or similar.
- **7+ years working experience** in the following areas: cyber security, risk management, control assurance, technology audit in an **enterprise corporate environment**.
- **Certification** such as CISA, CISM, CRISC, CISSP or similar.
- Practical experience in working with security standards and frameworks.
- Ability to engage in and deliver multiple tasks simultaneously and pro-actively.
- Good communication, stakeholder management, report writing and presentation skills.
- Experience in facilitating outcome focused risk workshops with a range of stakeholders.
- Experience in organisation-wide reporting.

**So, why join us?**
- Discounted Origin products benefits for employees, including Electrical, Gas and Internet offers
- Hybrid working environment, opportunity to connect with your team in our CBD office while working from home 2/3 days a week
- Competitive salary + annual performance bonus + performance based reviews
- Origin 360 Electric Vehicles (EV) employee subscription offers a fantastic range of EVs, with flexible month-to-month plans and no lock-in contract.
- Free and confidential counselling for employees and family members.
- A great high energy team, that encourages interesting, rewarding, and engaging work

**Origin - Where good change happens**

At Origin, we’re powered by people who believe in creating change.

Enjoy a challenging career in an exciting industry where you can grow and explore your potential. If you think you have transferable skills, an appetite to learn and would be a great fit, we’d love to hear from you.

Please note unsolicited CVs from agencies will not be accepted.

**_Origin recognises Aboriginal and Torres Strait Islander Peoples as the Traditional Custodians of country throughout Australia, and we pay our respects to Elders past, present and future._