FinXL IT Professional Services is an established innovative Australian company providing technology enabled business solutions and consulting services across a number of industries including Telecommunications, Commercial, Government and Finance.
Our client, one of Australia's largest in Telecom Industry is looking for an experienced Information Security Consultant to lead a team of security analysts working with one of Australia’s large bank.
This is an initial 5 months contract with a possibility for extension. Competitive rate to offer!
Work location is Toowoomba.
Roles & Responsibilities:
•Identify threats and vulnerabilities related to the Banks information assets in order to quantify risks to the Bank.
•Protect the Banks information assets against identified risks by developing, implementing and maintaining robust security policies, frameworks and capabilities.
•Detect threats and anomalies by monitoring, investigating and researching alerts and intelligence to trigger the response process.
•Identify, implement and manage outsource and co-source arrangements with industry partners to supplement knowledge and resource capability.
•Respond to and triage security events to contain and mitigate threats to minimise the impact to the Banks information assets.
•Manage incidents to return assets to service, perform post incident reviews and implement lessons learned to improve our security posture and maturity.
•Perform on-call duties on a rostered basis.
•Interact and coordinate with vendors, suppliers, distributors and contract consultants.
•Perform 3rd tier Information Security support for internal customers.
•Stay up to date on current threats, trends and technologies by attending training, conferences and digesting podcasts, blogs and other sources of security intelligence and information.
•Contribute to, and coach the team to achieve KPI, support and project delivery goals.
•Other tasks seen as appropriate by Manager, Security Operations
•Role model great security practices and be an evangelist for security.
•Regularly meet with team members to establish and manage outcomes in line with Performance Agreements, have one on one discussions and career planning sessions.
•Lead the Information Security team to improve maturity in security practices within the team and within the wider business.
•Lead the development and implementation of the Banks Information Security Framework and Information Security Policy.
•Develop and Lead Information Security assurance activities in line with the Information Security Framework, Information Security Policy and compliance objectives.
•Undertake line 1 risk and assurance activities ensuring compliance objectives are understood and reported on.
•Reporting on compliance metrics to the CIO, CEO Board and Senior Executive groups.
•Adhere to the Banks internal and external compliance requirements.
•Perform compliance and security assessments when required to assist the business in understanding and meeting their compliance objectives.
The ideal candidate will possess the following
Formal Qualifications / Accreditation:
At least one of:
•Appropriate tertiary qualifications at a Degree level or higher in Information Technology, Engineering or Computer Science.
•Relevant and current advanced certifications (CCNP, ECEH, CISSP etc.) or equivalent experience in Information Security.
Current Driver’s License
•Ability to innovate and understand new technologies.
•Ability to coach the security incident response lifecycle.
•Experience working with IP networking, networking protocols and security related technologies.
•Strong communication skills, including the ability to write procedural, process and reporting documentation.
•Show initiative and the ability to work with minimal supervision.
•Exceptional time management skills and demonstrated ability to prioritise job queues.
•Always act with integrity.
•Demonstrated customer service skills.
•Ability to present ideas, concepts and information to groups at various levels, such as frontline staff, technical SME’s and Senior Executives.
Knowledge / Experience:
•Demonstrated leadership experience with at least two years’ experience in a similar role, and 5 years in Information Security.
•Demonstrated experience coaching the security principles and techniques of IT security related technologies (e.g. Antivirus, endpoint protection, data encryption, PKI, HSM, DLP/IDS, etc.).
•Experience with information security and compliance frameworks, such as PCI-DSS, NIST, and ISO/IEC 27000 series.
•Knowledge of risk management frameworks.
•Knowledge of vulnerability and security assessment methodologies.
•Knowledge of current threat landscape and industry standard mitigations of these risks.
•Experience working with Windows and Linux or UNIX based systems.
•Experience working with virtual networks and environments.
•Experience of security monitoring and logging technologies, such as Splunk.
•Experience with vulnerability management technologies, such as Tenable or Qualys.
•Experience in project management, as a technical lead or similar.
•Knowledge of cloud security concepts.
•Knowledge of DevSecOps and Agile development methodology.
•Experience scoping penetration testing.
•Knowledge of security assessment methodologies.
In additional you will be a self starter and be available almost immediately.
For further information or to send in your CV directly, contact Venkata Bakka at email@example.com.