General Manager Cybersecurity, Technology Risk and

Melbourne, VIC, AU, 3000**About John Holland**:
At John Holland, our purpose is simple, we transform lives with everything we do. We’ve always known at its heart infrastructure is about people — our customers, our employees, and the communities in which we work.

That’s our difference. Deep experience and capability with a genuine care about creating better lives for people along the way.

Be part of a team that thrives on rising to the challenge of transforming lives for good.

**Are you up for the challenge?**:
We are currently seeking to appoint a **General Manager Cybersecurity, Technology Risk and Audit **to join our Information Technology (IT) team, based out of John Holland’s state-of-the-art Flinders Gate office.

Reporting to the Chief Digital and Information Officer (CDIO), you will provide cybersecurity leadership and governance across the organisation and partner with key business stakeholders across the company to raise an engaged cyber security culture and awareness.

You will work closely with our projects and bid teams to formulate cybersecurity requirements on bids/tenders for the business operations and to meet client requirements. Your strong knowledge of current state and future vision will help shape planning of the security architecture to support organisational growth.

**About the Role**:

- Accountable for enhancing and managing the cyber security function and providing leadership & governance within the organisation
- Work closely with corporate and operational business units to build robust BCP / DRP and promote an enterprise perspective to cyber risk
- Oversight of the managed detection and response provider and associated services
- Develop and oversee the cybersecurity program of work to meet the needs of Executive and Board approved risk posture
- Ensure organisational compliance with cybersecurity policies, standards, regulations and legislations
- Provide regular reporting to Executive and Board on all matters pertaining to cybersecurity, including progress against key activities and actions, including presenting to Executive and Board
- Oversee the organisations response to cybersecurity incidents and simulations and contribute to the organisations BCP and DRP processes
- Implement processes and communications to uplift the cybersecurity culture and awareness of the organisation
- Accountable for third party risk management framework, working with partners, customers, regulators to ensure protection of critical assets and customer and employee information
- Work closely with tender teams and projects to ensure cyber requirements are evaluated and achieved for both IT and OT
- Management of all IT audits and associated actions and reporting
- Active management of IT risk and reporting into the Corporate risk tracking system
- Develop the internal team to enhance their knowledge and skill

**About You**:
This position will require you to have significant senior management experience across multiple large, complex organisations leading Cybersecurity, Risk and Audit functions. A relevant Degree/Post Graduate qualification is highly regarded.

You will have demonstrated experience in:

- Building a cybersecurity function and capability
- Establishing and delivering cyber security uplift programs/roadmaps
- Managing enterprise-wide cybersecurity incidents
- Building cybersecurity capability for both IT and OT
- Reporting to C-level executives and Board members

Strong knowledge of NIST, ISO 27001 and Essential 8 is essential.

You will enjoy working collaboratively and be able to foster effective strategic relationships with people at all levels both internally and externally.

Your well-developed leadership, communication, collaboration, and problem-solving skills, along with your ability to manage multiple tasks and projects in a fast-paced and dynamic environment, will see you succeed in the role.

**As part of the team, you help us deliver on our promise to transform lives.**:
Your success is reflected in ours, so we’re committed to being an employer of choice. We pride ourselves on having a diverse and inclusive workplace, as different perspectives and ideas will deliver our long-term success.

We want you to be with us for the long-term, so providing you with rich career experiences and ongoing development is our priority.

**What’s in it for you when you join John Holland?**:
We’re about connecting your sense of purpose to ours. We understand that your career is one of the biggest ways to have an impact on the world. We also believe in supporting you as a whole person, not just an employee.

We reward and support our people in so many ways. This starts with being flexible about how different people like to work. From industry-leading leave policies to wellbeing and relationship support, your needs sit at the heart of our employee benefits.

We offer:
**Competitive** remuneration** with salary continuance, and salary sacrifice packaging options available.

**G