Cyber Security Governance Specialist

**About Youi**

At Youi, we don't believe in conforming to the status quo. We're not your typical insurance company - and that goes for our approach to both selling insurance and hiring our team. With over 1,800 employees, we have ambitious goals to keep growing and continue delivering awesome insurance solutions across new products and distribution channels.

We pride ourselves on our diversity and individuality, both among our employees and the customers we serve. We believe that it is the unique combination of skills, perspectives, and experiences of our people that makes us truly stand out. Our company values reflect this - we are a dynamic, human-focused, honest, and passionate team who is dedicated to providing awesome service to our customers.

We recognise and value the contributions of each team member to our culture and success. At Youi, we're not afraid to be different, and we're looking for people who share our values and want to be part of a team that is making a difference in the insurance industry.

If you want a career that lets you, be you, and rewards you for your hard work, Think Youi.

**About the Role**

Working as part of the Cyber Security Team, the Cyber Security Governance Specialist provides expertise to inform and validate cyber security controls and governance against regulated requirements and applicable standards.

This position will drive the cyber security governance and controls alignment to regulations, standards, policies, procedures for both Youi and our third parties. Specifically driving and ensuring cyber controls compliance and reported against APRA CPS234 and related third party management, PCI-DSS, Youi Policy, and Youi standards.

You will work closely with enterprise architects and project managers to ensure that the delivery of security requirements, derived from regulations, standards, policies, are architected into new and existing products and services.

You will have a strong ability to collaborate with peers in the Cyber Security team, the wider IT team, with 3rd-party security partners, as well as internal customers within the business. Timely cyber governance reporting and maintenance/improvement of cyber security metrics are key elements of this role.

**About you**
- Information Security Qualification (e.g., Bachelor of Science degree and/or Certifications such as CISSP, CISM, SANS GSEC, SABSA) is highly desirable.
- Proven work experience in Cyber Security Governance or Information Security Governance, Security Solution Design and/or architecture.
- Experience in a Financial/Insurance institution highly desirable.
- Experience with performing of Security Threat and Risk assessments.
- Experience with the design/architecture, implementation, and operation of security solutions.
- Thorough understanding of the security principles, techniques, and protocols.
- Thorough knowledge of Australian Prudential Regulation Authority CPS234.
- Thorough knowledge of NIST Cyber Security Framework.
- Knowledge of Payment Card Industry Data Security Standard.
- Knowledge of Security Training and Awareness for enterprises.
- Good understanding of network and system security, including firewalls, intrusion detection and prevention systems, VPNs, and endpoint security technologies.
- General knowledge of security tools such as vulnerability scanners, SIEMs, and threat intelligence platforms.
- Excellent communication and interpersonal skills to work with stakeholders, business owners, and technical teams to communicate technical information to non-technical stakeholders and make recommendations to senior management.
- Strong analytical and problem-solving skills to assess complex security issues, develop solutions, and make recommendations for improvement.

**How to apply**

No agencies thanks, we've got this one covered.