Manager Information Security Governance, Risk, and

**Work type**:
Full Time

**Location**:
Brisbane, Canberra, Melbourne, Sydney

**Job type**:
IT

**Applications close**:
**Manager Information Security Governance, Risk, and Compliance**:
Hello. We’re Virgin Australia. And we’re back (in a big way).

We’re the airline that’s always done things a little different. Our way. The Virgin way. For us, flying is so much more than simply taking off and landing (although we understand that is quite important). It’s about going the extra mile, in the air and on the ground, to create authentic experiences that put our guests firmly at the heart of everything we do.

**Who we’re looking for**:
The Information Security Governance, Risk and Compliance (GRC) Manager will report to the Head of Information Security and is responsible for the management and delivery of Information Security risk management and governance across VA. Leading the InfoSec GRC team you will help to grow a security conscious culture across the organisation, while ensuring that the business operates in line with an appropriate risk management profile and meets our compliance obligations.

You will be passionate about technological trends/ developments in the areas of information security, risk management, web architectures, and cloud.

**What you’ll be doing**:

- Proactively manage Information Security Risk and ensure that ongoing issues are identified and resolved, and/or projects are planned to correct underlying issues
- Set clear expectations and ensure OKRs are in place for all team members, linked to organisational objectives
- Supervise the IS Governance processes to ensure that VA’s enterprise-wide security program responds appropriately to the changing threat environment and external obligations
- Oversee the activities of the Information Security GRC team, ensuring that capability and resource is applied effectively to manage VA’s Information Security Risk position.
- Work with the broader Information Security Team to raise the maturity of VA’s Information Security Program.
- Provide coaching, mentoring, development, and training opportunities across the business to cultivate a culture of security awareness.

**You’ll be great in this role if you have**:

- Extensive experience in Information security management, working in a matrixed, complex environment.
- Experience in designing and implementing Information security programs, policies, and procedures, in enterprise environments
- Strong experience managing external stakeholders including business partners, regulators, and government bodies
- An understanding of IT Security principles including technologies touching data, physical, business process, system integration, eCommerce.
- Airline or transport industry experience (beneficial).
- Knowledge of Information Security frameworks and standards including ISO 27001, NIST, ASD Essential 8.
- Professional security management certification, such as Certified in Risk and Information Systems Control (CRISC) or Certified Information Systems Security Professional (CISSP), or similar credentials.

**What you’ll get from us**:
We’re committed to looking after you, with some of the best benefits and conditions in the industry - including (but not limited to):

- Heavily discounted air travel for you and your loved ones (including $1000 worth of travel credits per year)
- Flexible working arrangements (including work hours and work from home)
- Discounts on travel insurance, car hire, accommodation and experiences worldwide
- Discounted Virgin Australia Lounge membership
- Hospitality, retail, technology, beauty services and wellness discounts
- Wellness support, including the betterme digital wellbeing platform
- A comprehensive Employee Assistance Program, which offers confidential coaching and support from qualified professionals for all aspects of life - physical, mental, social and financial
- Dress for Your Day - enjoy the freedom to wear whatever is appropriate for the type of work you do and the day you have ahead of you

**Equality rules**:
**COVID-19**:
The safety and security of our people, guests and operations come first. Always. That’s why we’ve put together a comprehensive ‘Mandatory COVID-19 Vaccination Policy’. In a nutshell, to work with us, you’ll need to comply with our (and the airport’s) rules and regulations. And be fully vaxxed.

**Ready to apply?**

We’re ready to hear from you.