Information Security Advisor

Hybrid Working - 2 days in the office, 3 days' work from home.
- Join a highly respected autonomous team
- Generous discounts on Power, Gas, Mobile and Internet

**About Vocus**

We’re a leading specialist fibre and network solutions provider that’s all about making things better, simpler, and easier, for both our customers and team members.

Our mission is to be the challenger that our customers deserve, and our people are proud of every day. We are Australia’s fourth-largest telco and a leading specialist fibre and network solutions provider, connecting Australia and New Zealand to the world. We bring together some great retail brands, too. We’ve built, own, and manage our own networks. We work hard to be united as one team, dedicated to providing amazing experiences for our customers.

**The opportunity**

As Information Security Advisor you’ll be joining a highly respected autonomous team, in a full-time permanent role operating out of Melbourne, New South Wales or Perth. The key focus of the Information Security Advisor role is laid out below:

- To identify and rate security risk, develop and pro-actively support the implementation of security policies, conduct security risk assessments, meet regulatory security obligations, and implement preventive security measures/controls to safeguard Vocus technology infrastructure and information assets.
- To provide direction and oversight in the architecture, development, and maintenance of effective security controls for the organisation's external and internal networks and to ensure that all operational aspects of Information Security align with the organisation's policies, business requirements and risk position.
- Uplifting the network security posture in accordance’s with, industry security best practices, the Australian Cyber Security Centre (ACSC) Essential Eight security framework and ISO27001, NIST and PCI DSS.

***

**What you’ll be doing day-to-day**
- Act as design authority, ensuring that all network security solution architecture, activities, and deliverables (in-house and external outsourced) are produced to a high quality and are consistent with existing standards, policies and strategies.
- Proactively conduct security assessments on systems and network equipment, identify security vulnerability/weaknesses, evaluate countermeasures, and recommend best security practices to mitigate the vulnerabilities.
- Participate in and recommend security controls for Network and IT related projects with a progressive approach to finding security gaps and optimised compensating security controls.
- Be a champion of effective security best practices and promote their acceptance, adoption, and socialisation.
- Create reports and documentation outlining findings and recommendations.
- Develop and maintain regular information security reports for managers and team.
- Participate in the Cyber Security Incident management process.
- Assist the Information Security Manager with continuous review and ensuring compliance to security standards and policy.
- Vendor Security Assessment and reviewing the process of onboarding vendors.
- Assist with Security Awareness training programs.

***

**You’ll bring to this role.**
- Minimum 5 years’ experience in a large Enterprise or Service Provider organisation coupled with a strong passion for information security and commitment to continuously improving user experience outcomes.
- Tertiary qualification in IT, Computer Science, or a related discipline or desirable with experience working in large, distributed enterprise environments.
- Experience with security technologies such as next generation firewalls, Network IDS/IPS, VPN, web proxy, WAF, AAA (Authentication, Authorization, and Accounting) services, Multifactor authentication, NAC solution and SIEM.
- Prior experience with vulnerability scanning, security monitoring and threat intelligence tools.
- Network Security Hardening (System and Network) based on industry best practices and Network Security Experience, with an excellent understanding of network fundamentals. (E.g., Knowledge of Local Area Networks, TCP/IP, IPSEC and high-level communication protocols and multiple operations systems (Windows, Unix, Linux, etc.) and communication protocols running on various layers of the OSI (Open Systems Interconnection) stack.)
- Knowledge and expertise in the Governance and, Risk Management of technical services.
- Be an enabler, demonstrating leadership and help build a successful and respected team who add value and deliver services that make a difference.
- Communication skills with demonstrated ability to engage business and technology teams.
- Ability to build strong relationships and maintain a rapport with supporting colleagues/team members, internal Vocus stakeholders, and 3rd party service providers.

***

**Vocus Vibes & Perks**

Our business is crazy about customers. We use disruptive thinking every day to deliver incredible experiences to our c