Cyber Security Risk Manager
1 month ago
Security (Information & Communication Technology)
Other (Education & Training)
Employment Type: Full time continuing role as a Cyber Security Risk Manager
Location: UNSW Kensington Campus (Hybrid Working Opportunities)
About UNSW:
UNSW isn't like other places you've worked.
Yes, we're a large organisation with a diverse and talented community, a community doing extraordinary things.
Together, we are driven to be thoughtful, practical, and purposeful in all we do.
Taking this combined approach is what makes our work matter.
If you want a career where you can thrive, be challenged and do meaningful work, you're in the right place.
The Cyber Security Risk Manager is responsible for providing strategic leadership in developing and continuously improving the University's cyber security risk management practices, ensuring that risks are continually identified, assessed, prioritised, monitored, and mitigated in line with UNSW's Enterprise Risk Management framework.
Key responsibilities include managing cyber security risk registers, leading risk remediation efforts, and developing risk mitigation strategies with measurable key risk indicators (KRIs) and key performance indicators (KPIs).
The role also oversees vendor security risk management and annual threat assessments, while delivering regular risk updates to senior leadership and governance forums.
The Cyber Security Risk Manager reports to the Head of Cyber Security Governance & Assurance and has direct reports.
Accountabilities:
Provide strategic leadership in the development, execution and continuous improvement of the cyber security risk management practices in alignment with UNSW's Enterprise Risk Management framework.
Manage Cyber Security Risk Registers, ensuring identified risks are documented, assessed, prioritised, and remediated.
Lead and direct risk remediation efforts, ensuring timely closure of identified risks.
Develop and implement effective risk mitigation strategies and ensure alignment with business goals.
Develop key risk indicators (KRIs) and key performance indicators (KPIs) to measure and track the effectiveness of risk management strategies.
Ensure new risks are promptly registered and managed following assessments, assurance activities, or security incidents.
Ensure that the threat, risk and control libraries on the GRC platform are up to date.
Lead the execution and continuous improvement of the annual threat and risk assessment process, including maturity assessments.
Lead and deliver the end-to-end vendor security risk management lifecycle process, including annual risk assessments for high-risk vendors, periodic scorecard reviews, and continuous monitoring through platforms such as UpGuard, CyberGRX and BitSight.
Oversee and deliver the security review process for Requests for Information (RFIs) and Requests for Proposals (RFPs), embedding contractual security requirements in vendor agreements.
Design and optimise operational metrics to drive continuous improvement of the overall cyber security risk management practice, ensuring timely and accurate reporting through the metrics dashboard for inclusion in the quarterly Risk and Safety Committee submissions.
Lead the development and delivery of quarterly cyber security risk updates and briefings to IT executives, business partners, and relevant stakeholders, providing detailed insights into risks and mitigation action status and trends.
Present quarterly risk reports at governance forums, including the GRC Community of Practice (CoP) and Vendor Security Risk Management CoP, while also serving as a subject matter expert on cyber security risk management.
Lead and manage the Cyber Security Risk Working Group, fostering cross-functional collaboration and driving key security risk management initiatives.
Monitor internal and external environments for emerging threats, vulnerabilities, and regulatory changes.
Who you are:
Extensive experience (7+ years) in cyber security risk management, with demonstrated experience in conducting risk assessments, managing risk registers, and overseeing vendor security risk management programs.
Proven experience in developing, implementing and operationally running the cyber security risk management practice in large and complex organisations.
Hands-on experience with security tools and platforms for monitoring, managing, and reporting on cyber security risks such as Protecht GRC tool, CyberGRX, UpGuard, and BitSight is highly desirable.
Certifications such as CISM, CISSP, CRISC, AWS Security Specialty, Azure Security or related certifications are highly desirable.
Strong knowledge of cyber risk management principles, methodologies and frameworks, such as ISO 27001, ISO 31000, NIST 800-53, FAIR and other industry standards.
Proven experience in managing vendor security risk and developing operational metrics for risk management.
Strong project management skills with the ability to balance multiple initiatives and deadlines.
Excellent communication, negotiation and interpersonal skills, with a proven ability to develop effective relationships and influence key stakeholders at all levels in the organisation.
Ability to present with credibility and translate technical and complex information concisely for diverse audiences using strong analytical and problem-solving skills.
Demonstrated experience in presenting risk reports and providing strategic advice on cyber security risk management to senior leadership.
High level of motivation, resilience, and ability to work independently and within a team setting.
An understanding of and commitment to UNSW's aims, objectives and values in action, together with relevant policies and guidelines.
To Apply: If this is of interest to you, please submit your CV, Cover Letter and responses to the Skills and Experience outlined above and in the position description.
Applications close: 17th of November 2024 @ 11.30pm
Benefits and Culture:
Flexible hybrid working
Additional 3 days of leave over the Christmas Period
Access to lifelong learning and career development
Progressive HR practices
Discounts and entitlements
UNSW is committed to equity, diversity and inclusion.
Applications from women, people of culturally and linguistically diverse backgrounds, those living with disabilities, members of the LGBTIQ+ community; and people of Aboriginal and Torres Strait Islander descent, are encouraged.
UNSW provides workplace adjustments for people with disability, and access to flexible work options for eligible staff.
The University reserves the right not to proceed with any appointment.
The University of New South Wales (UNSW) is one of Australia's leading research and teaching universities.