Information Technology

**Information Technology**

**Brisbane**

**Contract or Temp**

**Icon Group**
- Flexible WFH arrangements
- Competitive Remuneration + Supportive Team in an Open Plan Office
- Join a Rapidly Expanding Company with Career Advancement Opportunities
- 12 Month Fixed Term Contract Position, with opportunity for extension

**About us**:
Icon Group is Australia’s largest dedicated cancer care provider and has expanded globally into Singapore, Malaysia, Mainland China, Hong Kong, the UK, and New Zealand. The Group is built on a strong but simple vision - to deliver the best care possible, to as many people as possible, as close to home as possible.

We bring together all aspects of quality cancer care, including medical oncology, radiation oncology, haematology, pharmacy services and chemotherapy compounding to deliver a true end-to-end seamless service for cancer patients internationally. This care is delivered by a strong, experienced, and passionate multidisciplinary team with a common focus to deliver the best care possible.

**Benefits**:

- Professional development program
- Rewards and recognition program
- Flexible/Hybrid working arrangements
- Support from senior leadership

**About the role**:
Reporting to the Cyber & IT GRC Lead, we are seeking a Cyber & IT GRC Specialist to join our growing Cyber Security Team on a 12 Month Fixed Term Contract basis, with opportunity for extension, based at our head office in South Brisbane. As a key member of the Cyber Security Team and the broader IT team, you will be responsible for supporting and maintaining our ISO27001 certified ISMS whilst assisting with the uplift of other Cyber Security & IT Governance, Risk and Compliance (GRC) functions.

This role is suitable for someone with a fundamental understanding of Cyber Security with at least 1 - 2 years experience in the Cyber/IT Risk space, looking to expand their skillset, responsibilities and impact in an organisation that supports and understands the importance of Cyber Security.

You will be involved in critical activities across a broad range of technical and non-technical domains, including governance, risk & compliance, identity & access management, information protection, and security culture & awareness. This role will include a mix of maintaining ‘BAU’ activities whilst also providing plenty of opportunities to uplift and improve current processes.

Your **Primary Responsibilities** will include, but are not limited to:

- **Information Security -** Communicate security risks and issues to business managers and others. Support investigation of suspected attacks and security breaches.
- **Governance -** Assist in the implementation of governance frameworks and processes. Maintain records and documentation related to governance activities.
- **Cyber, IT, and Third-Party Risk Management -** Perform risk assessments and recommend appropriate actions. Support risk management processes and initiatives.
- **Assurance & Compliance Monitoring -** Assist in ensuring compliance with organisational policies and regulatory requirements by completing and managing assurance activities. Maintain records and support the preparation of reports related to compliance activities.
- **Audit Support -** Support completion of customer questionnaires and external audits by collating and requesting evidence from internal stakeholders.
- **Security Exercises & Adversary Simulations -** Support security tabletops, adversary simulations, and continuity management initiatives and exercises. Assist in maintaining documentation and records.
- **Security Culture & Awareness** - Assist in the implementation and management of a global Security Culture and Awareness Program

**About you**:
We are seeking a self-motivated individual with a fundamental knowledge in IT/Cyber Governance, Risk and Compliance. This role will suit someone who is looking to grow their understanding and knowledge with the ongoing support of the Cyber & IT GRC Lead. You will have the ability to independently solve problems and help your team members when necessary.

Having the capability to take ownership of issues with a view to continuously improve is crucial in this role.

You will be an excellent communicator and influencer, able to engage with key business stakeholders to convey the necessity of a robust ISMS and its benefits to the organisation.

**Mandatory requirements**:

- Located in Greater Brisbane Region or willing to relocate
- Passionate about Cyber Security
- At least 1 - 2 years of demonstrated experience and knowledge in the areas of Information Security Governance, Risk Management and Compliance.
- Demonstrated experience with Information Security Management Frameworks such as ISO27001, NIST, Essential 8, ISM or PCI-DSS
- Strong analytical, problem-solving and negotiation skills, with the ability to thrive in a fast-paced and dynamic environment.
- Strong soft skills - written and oral communication skills, including both technical and bus