Specialist, Third Party Security

**About us**

At Sydney Trains our vision is to keep Sydney moving by putting the customer at the centre of everything we do. We work at the heart of local communities and integrate cutting edge technology to deliver efficient rail services which exceed expectations and support a rapidly growing economy. Sydney Trains also operate the Rail Operations Centre and are responsible for the maintenance of assets including tracks, trains, signals, overhead wiring, stations and facilities. We conduct our operations in the community in compliance with the principles of ecologically sustainable development.

Our Operational Technology Unit within Network Maintenance is responsible for ensuring high availability and reliability of Control Systems, Wireless and Fixed voice and data networks, Condition Monitoring and Passenger Information infrastructure and Cyber Security of Operational Systems.

**The opportunity**

Right now, we have an opportunity for a Specialist, Third Party Security to join us in the Operational Technology Unit to lead the way in ensuring cyber security risks are appropriately managed for our operational systems.

**What you will be involved in**:

- Working with and conducting security assessments of all Third Parties and contractors.
- Working with Procurement teams on Request for Proposals (RFP) and contracts and advising on security issues
- Planning and conducting risk assessments of third parties with regards to their cyber security capabilities and maturity, with reference to ISO27001 and Cyber Security Management System (CSMS) framework
- Preparing and presenting third party and supply chain cyber risk reports and attestations to management, key committees, and other relevant stakeholders
- Developing risk remediation plans to address identified third party risks, working with security, technical and procurement teams

**About you**

You are tertiary qualified in a relevant Engineering, Technology or Cyber Security discipline with an understanding of IEC 62443 and ISO 27001 standards, looking for an opportunity that will give you exposure help shape Sydney Trains cyber security strategy.

Your strong stakeholder engagement and communication skills will ensure your ability to present highly technical information in an understandable manner, and then influence a variety of stakeholders to follow the required cyber security standards that will in effect drive improvement and change.

Ideally, you will also have a strong grasp of Cyber Security and Operational Technology and a demonstrated understanding of managing interface issues between various technical, production and operational disciplines.

You will have a strong understanding of cyber security risk management and the various cyber security standards and demonstrated experience conducting risk assessments of third parties with regards to their cyber security capabilities and maturity. Cyber Security and/or Risk Certifications such as CISSP, CISM, and CRISC, will be highly regarded.

**Want to know more?**

**Interested?**

Right now is an exciting time to join our team as we prepare to meet the needs of customers with a world-class rail system.

**Salary and benefits**

RC Grade 7 $143,555 - $157,945 plus super & annual leave loading

Sydney Trains offers its employees challenging and rewarding work with opportunities for career progression, learning and development and work-life balance. Other benefits include:

- Free travel on Government trains, buses and ferries
- Flexible work practices

Need help?

Applications Close: Sunday 4th September at 11:59pm

We are the community we serve

We are committed to being an inclusive, diverse and flexible workplace where differences are valued. We welcome people of all backgrounds, experience and abilities.

We enable our people to work in ways that work for them and their teams. Working virtually and from different locations including regional locations, staggering work hours and job sharing are just some of the ways our people can work flexibly.

Please contact the Talent Specialist if you require any adjustments to be made to how you interact with us throughout the recruitment process or would like to discuss flexible work options.