Information Security Operations Lead

Job Description

Are you ready to rediscover remarkable and make a positive impact on people’s lives? At GMHBA, every day brings an opportunity to empower and support communities to live well. Join us to be part of something meaningful and discover the remarkable benefits of working at GMHBA. GMHBA takes pride in being an Australian not-for-profit health insurance and healthcare company that truly values its members. For a rewarding 90 years, we've been dedicated to serving the community and as a result have become one of Australia's leading regionally based private health insurers. We live and breathe exceptional care and are dedicated to making GMHBA a remarkable place to work. We value building connections, embrace individuality, and maintain a supportive, performing culture. GMHBA offers a flexible workplace, a community-focused culture, and a great regional lifestyle. Job Description About the opportunity The Information Security Operations Lead plays a crucial role in ensuring Information Security controls are designed and implemented in a way that addresses the risk to GMHBA aligned to risk appetite. This includes the design, delivery, configuration, maintenance, and continual improvement of Information Security related tooling and processes as well as determining future direction and approaches. Responsibilities include overseeing the day-to-day operations of the Information Security Operations team, managing a small team of Infosec professionals, coordinating projects, implementing best practices, and ensuring the effectiveness and coverage of Information Security technical controls. Desired Skills and Experience About you Mandatory The ideal candidate will have a proven track record within an Information Security Operations and/or Engineering function, including: Vulnerability management, Endpoint detection and response, event monitoring, web and email filtering, access management, and DLP Training and Awareness Bachelor’s degree with emphasis in related field or equivalent experience Experience in defining technical Information Security controls and assessing risk Strong understanding of technologies and security considerations across enterprise environments including cloud technologies and hybrid environments Understanding of NIST CSF and NIST Controls Highly desirable Experience in health insurance, or in the health or financial services sectors. Experience with CPS 234 obligations. Experience with Crowdstrike, Qualys, Splunk, Microsoft 365, Azure cloud, Sailpoint, Cyberark, and Netskope. If you believe you would be a great fit but don’t quite tick all of the boxes, we encourage you to apply. Let’s get started. Submit your application online today. Applications close Friday 14th February 2025. If you have any questions about this position or the recruitment process, please reach out to the careers team at At GMHBA, we value a diverse and inclusive culture. We are committed to creating a workplace where every single person feels valued and can be their true, authentic selves. It allows us to be more reflective of our community, have a range of perspectives, and better support our customers, members, and patients. We encourage candidates with diverse backgrounds, experiences, perspectives, and beliefs to apply for this role. In submitting an application, you agree that you have read and accepted the terms and conditions of our recruitment privacy statement: gmhba.com.au/privacy. #J-18808-Ljbffr