Cyber Compliance Analyst
6 months ago
Cyber Compliance Analyst
The McMillan Shakespeare Group (MMS) is a trusted provider of salary packaging, novated leasing, disability plan management and support co-ordination, asset management and related financial products and services. From our origins in 1988 when we created Australia's salary packaging industry to today, MMS has a proud history of innovation and exceptional service.
Through our subsidiaries, we offer a breadth of services and expertise designed to responsibly deliver superior long-term value to our clients and customers, which include Federal and State governments and some of the largest public and private sector, health and charitable organisations.
At the heart of achieving this mission is our team. Driven by a passion for the work we do, we work together with our customers to make a real difference to people's lives.
MMSG has several compliance obligations imposed by the regulatory and contractual environment in which we operate. The Cyber Compliance Analyst is tasked with analysing and monitoring strict compliance of internal IT general and cyber controls, providing support in internal and external audits and contributing to improving risk posture of our digital and traditional on-premises services.
A key component of the role is monitoring compliance of IT security controls (ISO27001, ASD (Essential Eight), NIST), conducting risk assessments, managing security education and awareness programs, ensuring staff and 3rd parties are abreast of due diligence and compliance requirements, writing business communications about new security threats and working with IT functional teams and business stakeholders to ensure baseline security requirements are met and assets remain protected within these functional areas.
The Cyber Compliance Analyst is also responsible for developing, maintaining and reporting risk management frameworks that aim to protect the confidentiality, availability and integrity of group assets including data. The role also requires experience in IT General controls and/or IT Audits, preferably from a Big4 or consulting experience background.
**Key Responsibilities**:
- Map existing contracts against security standards identifying potential gaps in compliance and for input into the information security policy and standards
- Provide support and relevant guidance to external IT auditors and ensure relevant artefacts are timely provided
- Evaluate cyber-security standards including NIST, ASD (Essential Eight), ISO27001 and PCI DSS for alignment with internal frameworks
- Ensure internal security standards, policy, audit, and contracted security requirements are communicated across the business and with 3rd Parties
- Ensure 3rd parties comply with all relevant due diligence obligations and provide regular attestations
- Manage the cyber-security education, training and awareness program and educate employees in security best practices
- Periodically conduct security reviews and workshops to report business effectiveness in meeting documented standards, controls, and compliance to contractual or policy objectives
- Oversee the Information, Communication and Technology Risk management framework
- Conduct regular risk assessments and workshops to ensure risks to the organisation are assessed and understood, and are fed back to stakeholders to ensure the continued effectiveness of the risk management strategy
- Contribute to improve risk posture, contribute solutions for remediating or mitigating risks and assess residual risks
- Work with all stakeholders to educate and identify controls and compliance requirements that are applicable
- Respond to information security incidents, as requested
- Maintain and develop cyber incident response processes and procedures when new threats to the organisation arise
- Be an active participant in incident management to support controlled and coordinated responses
- Contribute to policy development
- When necessary, prepare Post Incident Reviews
- Any other security risk and compliance initiatives, as requested.
**You will bring**:
- Experience with IT General Controls and/or IT Audits is essential
- Experience with legal and regulatory obligations such as the Australian Privacy Principles.
- Experience with ISO27001 -a formal certification is a basic requirement
**Not essential but advantageous if you have experience in**:
- IT Security and Risk Management such as ISO 31000
- ASD Essential Eight = preferred but not compulsory
- NIST = nice to have but not essential
- PCI DSS = nice to have
- CRISC Certification - nice to have
**What we can offer you**:
- Our strong people-first culture
- Flexible/hybrid working to enhance your work/life balance
- Novated lease benefits and discounts
- 12 weeks Paid Parental leave and access to our Parents Portal
- Exempt Employee Share Plan
- Paid Income Protection Insurance under MMSG default Super plan
- Access to a broad range of learning and development programs
- Career break and voluntee
-
Cyber Compliance Analyst
6 months ago
Melbourne, Australia McMillan Shakespeare Group Full timeThe McMillan Shakespeare Group (MMS) is a trusted provider of salary packaging, novated leasing, disability plan management and support co-ordination, asset management and related financial products and services. From our origins in 1988 when we created Australia's salary packaging industry to today, MMS has a proud history of innovation and exceptional...
-
Cyber Security Risk Analyst
1 week ago
Melbourne, Victoria, Australia Recruitment Hive Full timeCyber Risk Analyst - Contract PositionWe are seeking a highly skilled and experienced Cyber Risk Analyst to join our team on a contract basis. As a Cyber Risk Analyst, you will be responsible for conducting security risk analysis of internal systems and assessing the cyber threat, inherent vulnerabilities, and the likelihood and consequences of adverse...
-
Cyber Risk Analyst
5 months ago
Melbourne City Centre, Australia HAYS Full timeCyber Risk Analyst, Melbourne CBD, 6- month contract, $900.00 - $1000.00 p/d + Super **Your new company** This role sits with organisation collaborate with aerospace industry, for our client looking for a Security Risk Analyst to join their cyber security team. **Your new role** As a Cyber Risk Analyst you’ll be joining the team to coordinate IT risk...
-
Grc Cyber Analyst
5 months ago
Melbourne, Australia Arup Full timeA career at Arup offers you the chance to make a positive difference in the world. Independently owned and independently minded, we attract a diverse mix of people to work on ground-breaking global projects. We have an ambitious commitment to be the digital leader in the built environment and have digital teams and experts all over the world, who collaborate...
-
Cyber Security Analyst
5 months ago
Melbourne, Australia Ignite Specialist Recruitment Services Full timeContract Type Contract Reference BH-369650 Industry IT Salary Negotiable - The Security Expert will provide services as a senior information and cyber security analyst, to oversee the technical implementation and delivery of a suite of priority cyber security services to the department and its partners, including the Australian Signals Directorate...
-
Grc Cyber Analyst
5 months ago
Melbourne, Australia Arup Full time**Joining Arup** Arup’s purpose, shared values and collaborative approach has set us apart for over 75 years, guiding how we shape a better world. As a governance, risk and compliance (GRC) cyber analyst for our growing global cyber security team you will help protect Arup’s digital infrastructure and data from cyber-attack. You will help to assess...
-
Cyber Security Analyst
5 months ago
Melbourne City Centre, Australia Parliament of Victoria Full timeParliament of Victoria - Department of Parliamentary Services We have an exciting opportunity for a Cyber Security professional. Reporting to the Cyber Security Coordinator you will work closely with the IT Team on Cyber Security activities within the Parliament of Victoria. You will play a vital role in keeping Parliament's proprietary and sensitive...
-
Cyber Security Analyst
2 months ago
Melbourne, Victoria, Australia ignite Full timeExciting Cyber Security OpportunityWe are seeking a highly skilled Cyber Security Analyst to join our team in Canberra or Geelong. As a key member of our Cyber Security team, you will play a critical role in developing and delivering capabilities to protect our organization's assets.Key Responsibilities:Conduct threat analysis and mitigation to identify and...
-
Security Analyst
5 months ago
Melbourne, Australia Quigly Cyber Full timeHigh performing, diverse, inclusive, and supportive team - Proudly making a difference with the transition to renewable energy - Access to corporate discounts | Fitness Passport | EAP Quigly are a boutique consultancy with a great network of clients across many industries. **Company Overview** Join one of Australia's top organizations. Our client improves...
-
Cyber Security Analyst
1 month ago
Melbourne, Australia CYOS Solutions Full time**Application closing date**: Wednesday, 23 October 2024 - 11:59pm, Canberra time (in Canberra) **Estimated start date**: Wednesday, 01 January 2025 **Location of work**: VIC **Length of contract**: 12 Months **Contract extensions**: 1x 12 Months **Security clearance**: Must have Negative Vetting Level 1 **Rates**: $100 - $130 per hour (inc....
-
Cyber Security Analyst
1 month ago
Melbourne, Victoria, Australia Latitude IT Full timeDFIR AnalystWe are seeking a talented individual to join our client's team as a DFIR Analyst.Key Responsibilities:Develop and enhance cyber security strategies to protect our organisation from current and emerging threats.Collaborate with internal teams to address cyber security incidents and provide actionable intelligence to stakeholders.Design and conduct...
-
Cyber Security Analyst
5 months ago
Melbourne, Australia Envirosuite Full time**Purpose** **Responsibilities** - Contribute to a culture of continuous improvement in cyber and information security defence and response. - Evaluate and assist with the design, implementation and support of security tools and services. - Assist in the implementation and maintenance of security controls and policies to ensure compliance with industry...
-
Cyber Security Analyst
4 weeks ago
Melbourne, Victoria, Australia Green Light Full timeSenior Cyber Security AnalystGreen Light is a leading consulting organization in Telecommunications and System Integration Services. We are seeking a highly skilled Senior Cyber Security Analyst to join our team on a permanent basis.Responsibilities:Lead the integration of security systems into the client's Splunk setup.Design and implement threat models to...
-
Cyber Security Analyst
2 months ago
Melbourne, Australia Asahi Beverages Full timeAsahi have an exciting opportunity for a Cyber Security Analyst to play a vital role in safeguarding our digital environment. You will be responsible for detecting and responding to cyber incidents while collaborating with various teams to enhance security measures and mitigate risks. Your role will involve actively monitoring security threats, performing...
-
Cyber Security Analyst
1 month ago
Melbourne, Victoria, Australia Telstra Full timeJob TitleJunior SOC AnalystJob SummaryTelstra's Cyber Security team is seeking a highly motivated and passionate Junior SOC Analyst to join their ranks. The ideal candidate will have a strong background in cyber security and be able to work effectively in a 24/7 rotating shift pattern.Key ResponsibilitiesAs a Junior SOC Analyst, you will be responsible for...
-
Cyber Security Risk Analyst
5 months ago
Melbourne, Australia Transform IT Full timeExcellent permanent opportunity for a senior cyber security risk analyst to join a team of reputable cyber security leaders embarking on a high-profile transformation. Leveraging your cyber risk management expertise, you will partner with key stakeholder groups including senior leaders and provide strategic advice on the development of risk strategies,...
-
Cyber Security Analyst
1 month ago
Melbourne, Australia CYOS Solutions Full timeApplication closing date: Wednesday, 23 October 2024 • 11:59pm, Canberra time (in Canberra) Estimated start date: Wednesday, 01 January 2025 Location of work: VIC Working arrangements: Candidates must work from Services Australia's office a minimum of 3 days per week initially. Other working arrangements can be...
-
Cyber Analyst Programmer
1 month ago
Melbourne, Australia Epiq Systems, Inc. Full timeIt's fun to work at a company where people truly believe in what they are doing! Job Description: Position Summary Epiq’s Cyber Incident Response group is responsible for managing and overseeing review of data exfiltrated in cyber incidents to identify, extract, and report on the individuals whose personal identifying information (PII) and protected...
-
Cyber Security Threat Analyst
1 week ago
Melbourne, Victoria, Australia Group Digital Full timeAbout the RoleWe are seeking a highly skilled Cyber Security Analyst to join our team at Group Digital. As a key member of our security operations, you will play a vital role in safeguarding our digital environment.Main ResponsibilitiesMonitor security alerts and manage day-to-day incident response activities.Conduct thorough analyses of security events to...
-
Cyber Security Analyst
2 weeks ago
Melbourne, Australia CYOS Solutions Full time**Application closing date**: Tuesday, 12 November 2024 - 11:59pm, Canberra time **Estimated start date**: Monday, 16 December 2024 **Location of work**: VIC **Working arrangements**:Subject to negotiations with line manager, hybrid working arrangements in line with current NDIA policy are available (minimum of 3 days each week in the office, with...