Cyber Policy, Risk

Join a critical function that delivers secure systems as part of various initiatives
- Be part of an industry with stable and recession-resistant characteristics.
- Opportunities for professional development

My client is a well know market leader in the energy sector and is looking for a dynamic Principal for Cyber Policy, Risk, and Culture to lead the development and execution of a program of work.

As the Principal for Cyber Policy, Risk, and Culture, you will collaborate with peers in cybersecurity, digital, and other areas of the business to identify and manage cyber-related risks. Leveraging your extensive knowledge of cybersecurity controls, maturity frameworks, and cyber risk management, you will work with project and business teams to propose enhancements to security controls and identify opportunities for maturity uplift in existing capabilities.

You will be part of the cyber risk, solutions, and assurance team, you will utilise your in-depth knowledge and experience with security controls and standards to collaborate with colleagues and service owners to ensure that the cyber security policy, standards, and procedures are well-documented, up to date, fit for purpose, and correctly applied. You will ensure that audits and reviews of cyber security processes have timely access to accurate information on the status of controls and the current maturity of processes.

Your leadership will be instrumental in fostering a cyber-aware culture through awareness, training, and education practices by building a cyber-aware culture by designing and running cyber security awareness campaigns, delivering tailored cyber security training programs, and managing training delivery platforms.

Tertiary qualifications in computer science or a technology-related field, or equivalent work or education-related experience.

Experience in the cyber security environment, with specific experience in critical infrastructure in the Energy Sector.

Knowledge of the Australian critical infrastructure regulatory environment and an understanding of the role of risk in meeting obligations.

Experience in the development and implementation of security strategies to support the achievement of business outcomes.

Demonstrated knowledge and experience with security control frameworks and standard control sets such as PSPF/ISM, NIST CSF, AESCSF, CIS 18/NIST 800-53, NIST 800-82.

Familiarity with contemporary attackers, their motivation, tactics, techniques, and procedures.

Technical expertise in a broad range of IT and security technologies, including but not limited to:

- Identity and Access Management.
- Endpoint detection and response, vulnerability detection and management.
- TCP/IP, network switches, and routers, network firewalls and WAF's, Active Directory, Microsoft Servers, Linux Servers, VMware Servers, Web Servers, Database Servers, Messaging Systems, IAM systems, PKI, and encryption.
- SIEM, Security Log Analysis, Microsoft Sentinel, Incident Response Tooling, Forensic Tooling, Virtual security analysis environments.
- Microsoft Azure and Microsoft Defender security capabilities, tooling, and practices.

This role is critical in delivering secure future energy and market systems as part of various energy sector initiatives, with a national focus and may require interstate travel.

Due to the nature on this role ability to obtain a national security clearance, which is highly desirable.

Employment benefits on offer:

- Excellent remuneration package + bonus.
- Flexible working arrangements, including options to work from home and hybrid options, as well as additional leave options to support work-life balance.
- Opportunities for professional development through projects, assignments, industry networks, job rotations, study assistance, and formal learning to enhance your skills and career growth.
- A comprehensive health and wellbeing program that includes discounted health insurance, gym membership, and other concessions to promote your physical and mental wellbeing.
- Up to 4 days of volunteering leave per year to encourage community engagement and giving back to society.
- Access to a comprehensive and professional Employee Assistance Program (EAP) to provide confidential support for personal and work-related challenges, ensuring your wellbeing is a top priority.

If you are excited about this opportunity and believe you have the skills required, look forward to hearing from you.

Join the team and contribute to their continued success.

96207