Information Security Manager

**Introduction**:
NGS Staff Benefits

Before you learn more about the job ad, we encourage you to familiarise yourself with our fantastic NGS Staff Benefits page (link below) to understand our offering which includes Additional Leave Entitlements, Personal & Professional Development and Health & Wellbeing Benefits.

About us

We are an award winning, national $15B public offer industry fund focused on the education sector. Click on the video below to learn more

The Role

The Information Security Manager will play a key role in managing information security operations and implementing initiatives to protect the organisation's information assets, infrastructure, and member data. This is a newly created 12-month maximum term contract with the potential to extend, reporting to the Head of Information Security

**Key focus areas include**:

- Assist in the design, development and implementation of an information security strategy aligned with business objectives, risk appetite, and regulatory requirements.
- Support implementation and maintenance of information security policies, standards, procedures, and guidelines.
- Conduct regular risk assessments, including third-party risk assessments, to identify potential information security risks and recommend risk treatment plans.
- Manage security incidents, including investigation, containment, and resolution, and implement preventive measures to mitigate future risks.
- Collaborate with internal stakeholders, including technology, operations, risk, and compliance teams, to ensure alignment of security initiatives with business goals and objectives.
- Provide guidance and support to internal teams on information security best practices, standards, and compliance requirements.
- Monitor the design and operating effectiveness of information security controls to identify control gaps or weaknesses and recommend remediation measures.
- Stay abreast of emerging threats, vulnerabilities, and industry trends to proactively address potential security risks.
- Develop and deliver security awareness training and education programs for employees to promote a culture of information security awareness and compliance.
- Assist in preparing and presenting regular reports and updates to senior management and relevant committees on the status of information security initiatives, metrics, and incidents.

You have
- Bachelor's degree in information security, computer science, or a related field. Relevant certifications such as CISSP, CISM, or CISA are desirable.
- 5 years of experience in information security or a related field.
- Strong understanding of information security principles, practices, technologies, and standards, such as NIST CSF and CPS 234.
- Proven experience in developing and implementing information security strategies, policies, and procedures.
- Sound knowledge of information security technologies, such as firewalls, SIEM, DLP, encryption, and endpoint security.
- Experience with cloud security principles and technologies, preferably Microsoft Azure, Microsoft 365, or AWS environment.
- Sound analytical and problem-solving skills, with the ability to assess complex security issues and recommend effective solutions.
- Good communication and interpersonal skills, with the ability to effectively engage and collaborate with stakeholders at all levels of the organisation.
- A commitment to professional development and continuous learning to stay current with industry trends and best practices.

Desirable
- Knowledge of (or prior experience in) the superannuation industry.

We are a super fund that has an exceptional work culture, provides a diverse offering in developing our people and offer many benefits including leave outside of the legislative requirements and you can be a part of it while earning an attractive remuneration package

Please note that to be eligible for this role, you are required to have permanent Australian working rights and residency.