|Job Type||Permanent Fulltime|
|Area||New South Wales, Australia|
We are looking for a Cyber Risk Analyst to join our clients internal Confidentiality & Information Security Office (CISO) team. This is an exciting opportunity to grow your cyber security and risk management career as part of the broader Quality & Risk function within our clients operations in Australia.
Reporting to the Cyber Risk Manager, the primary role will be to investigate and analyse data flow and access across system components and storage devices that come together to create security risks for the client. More importantly, you will educate and advise our teams about these risks and how best to mitigate them. Working as part of the broader CISO team, you will build close relationships with IT, senior partners and staff across the business and will have every opportunity to develop a highly rewarding profile in the company. The CISO team is busy building a world-class information security, confidentiality, privacy and business resilience capability to protect our people, our reputation and the information in our custody.
Applicants must have a valid current work visa.
About the work
- Identify and assess information security risks relating to data access and storage
- Develop and document risk mitigation strategies
- Refine and enhance our data access governance and loss prevention programs
- Daily Operation of our data access governance and loss prevention systems
- Assist in the development & delivery of awareness initiatives
- Assist with Access governance problem analysis and resolution
- Contribute to our risk intelligent culture initiatives
- Liaise between IT and the business for the implementation of security controls
To be successful in this role you will have
- 1 - 5 years of applied information risk management
- Operational knowledge of data access governance and/or loss prevention systems highly desirable
- Experience contributing to the implementation, management or audit of an ISO 27001 ISMS
- Experience with installation, integration and deployment of any access management tools desirable (Sailpoint).
- Broad knowledge of information security principles and practices.
- Good project, analysis, problem solving, and business relationship skills.
- CRISC, CISA, CISM, GIAC or equivalent industry certification considered a plus
- Ability to conduct independent research into systems issues and products as required
- Strong written and oral communication skills are necessary
- The ability to communicate ideas to technical and non-technical audiences