Cyber Governance Lead

**Our Story**

Scentre Group is the owner and operator of 42 Westfield living centers in Australia and New Zealand; partnering with the world’s leading retail and luxury brands to create a unique shopping and leisure experience for our customers. A career with us fosters the chance to be a part of a company that is transforming the digital and physical retail space.

Every day, our people play a vital role in our purpose to ‘create extraordinary places, connecting and enriching communities.’

**Your opportunity**

The Cyber Governance Lead plays a pivotal role in embedding a culture of cyber risk and control management across the Scentre Group business. Our Operational Governance capability is a key component in enabling us to inform and manage our Enterprise Risk profile. The Cyber Operational Governance Lead will enable this by establishing processes and processes to identify, communicate, measure and report the operational effectiveness of our key cyber controls.

**You will have overall accountability for**:

- Cybersecurity Risk and Controls
- Maintain and continually improve Scentre Group’s key cyber control framework, including alignment to global standards
- Work with product and platform owners to ensure a common understanding of the control requirements for business critical assets
- Adopt a data driven approach to measuring the effectiveness of Scentre Group controls
- Third Party Risk Management
- Maintain and continually improve Scentre Group’s processes for measuring and managing risk across our contracted third parties
- Maintain an accurate view of our risk profile across third party suppliers
- Cybersecurity Posture Reporting
- Maintain and continually improve Scentre Group’s cybersecurity metrics framework to measure the effectiveness of our controls
- Identify opportunities to introduce automation over control effectiveness measurement
- Produce executive and stakeholder reporting on the Cyber posture of the organisation
- Foster a culture of Cyber risk & compliance management and culture across the organisation
- Seek solutions where we can enable the business by leveraging insights

**What will set you apart from the rest?**
- Demonstrated leadership to drive change and innovation
- Self-starter and strong organisation skills
- Highly organised in a fast-paced environment
- Strong customer orientation and technology acumen
- Strong influencer - ability to interact with all levels within the organization
- Strategic long-term thinking and outcome focused
- Actively listen to other team members
- Finds new ways of solving problems
- Able to accept and action feedback
- Excellent verbal and written communication skills

**Additional, favorable skills or experience**:

- Broad understanding of cybersecurity risks and control domains such as Cloud Security, Data Protection
- Deep expertise with Security frameworks, including NIST and ISO27001
- Expertise with Risk Management frameworks and experience in measuring risk
- Expertise in measuring effectiveness of Security controls
- Data and analytics mindset
- Strong communication skills and ability to explain cybersecurity risks clearly at all levels of the organisation
- Proven expertise in consulting and influencing across business departments
- Employs authentic storytelling techniques drive compelling stories and messages
- Adopts a Leader-as-Coach approach to leadership

Our diverse and inclusive workforce is not only something we’re proud of, but something we’re committed to. We encourage and support our people to bring their ‘whole selves’ to work every day. This is because we believe all our differences contribute to our success and ensures a workforce that reflects the customers we serve. Our commitment is backed by executive and employee-led working groups including All Abilities, LGBTI, Mental Health & Wellness and Gender Equity alongside other initiatives such as our Reconciliation Action Plan to grow our Aboriginal and Torres Strait Islander workforce.