Security Compliance Analyst

The perfect match

AAMC is a vehicle loss assessing company with a keen focus on data security. As a service provider to the Australian insurance industry, we take the protection of our client's information and the information of their customers very seriously. We take it so seriously we voluntarily open our world up to the scrutiny of an ISO 27001 audit every year.  Yep, we aim high here at AAMC which is where you come in.

We are seeking someone who knows their stuff when it comes to Information Security Management Systems and is ready to manage our ISMS policies and procedures, oversee the correct use of our various registers, and work with the IT team to maintain adequate controls in line with ISO 27001 standards. This isn't the type of role where you'll be hidden away in the background, absolutely not, you'll work closely with our corporate compliance team, present new initiatives and improvements with the wider executive and leadership teams, attend meetings with our front line team members at times and be a contributing member of our company Risk and Compliance Committee.  If your hidden talent is presenting complex information and data in a creative and engaging way for every employee in the company to grasp, then you are our type of person.

Been in a team responsible for managing a security incident or two? That's unfortunate but also awesome. We want the experience that comes with that.  Know how to scenario plan and run a test? Even better While we are generally an optimistic bunch, we know cyber criminals are always on the hunt for vulnerabilities which is why we run business continuity and disaster recovery testing regularly. We have an Incident Response Manager but we'd love to bring someone in with specific cyber security experience to share the load and further improve our practices.

While we are looking for someone with a degree in IT or related field and 5 years' experience with strong expertise in ISO 27001 and ISMS management we understand this cyber security environment is constantly evolving. This is why a curious mind and a natural tendency for lifelong learning will get you a great big gold star at AAMC. If you genuinely love learning, we will even help you scratch that itch by providing plenty of informal and formal learning opportunities if you so desire.

Did we mention you can do this role from the comfort of your own home full time? Nice hey Commuting is a pain, so we've decided to just not do it. It also means you can live anywhere in the country as long as you have great internet speed.

Now for the formal stuff.

The Security Compliance Analyst reports directly to the Chief Information Officer overseeing and managing the Information Security Management System ensuring the framework is maintained, updated and compliant with relevant security requirements. 

Tasks and responsibilities

• Documenting and communicating our position and compliance status for all relevant security compliance standards including ISO 27001, NIST, NDBS etc.
• Developing, maintaining and revising policies and procedures for the information security, business continuity, and assurance frameworks.
• Identify potential areas of information security risk and developing remediation and corrective action plans as part of preventative recommendations.
• Support the compliance team in their auditing and compliance function.
• Be a contributing member of the Risk & Compliance Committee as well as prepare and present on various information security topics quarterly.
• Ability to lead incident response activities and maintain incident response plans.
• Contribute to business continuity and disaster recovery planning and testing.
• Identify and adapt security controls based on emerging threats and industry trends.
• Monitor security controls and communicate proactively with the IT team.
• Collaborate with stakeholders across the business to promote security best practice.

If this all sounds great

If you think this role has your name all over it, then APPLY We'd love to hear from you.

Your resume should address the general technical criteria outlined in this advertisement but we would love to see what you're all about as a person in your cover letter.

Once we've read your info and realised you are a superstar, or a superstar in the making, we will be in contact to have a chat and provide you with the full position description.