Senior Manager, Information Security

Job Description

Before you learn more about the job ad, we encourage you to familiarise yourself with our fantastic NGS Staff Benefits page (link below) to understand our offering which includes Additional Leave Entitlements, Personal & Professional Development and Health & Wellbeing Benefits. NGS Staff Benefits link: About us We are an award winning, national $16B public offer industry fund focused on the education and community sectors. The Role The Senior Manager, Information Security will play a key role in information security risk management, governance and reporting, including leading information security team operations and implementing initiatives to protect the Fund's information assets, infrastructure and member data. Key focus areas include: Develop and implement an information security strategy aligned with business objectives, risk appetite, and regulatory requirements. Implement and maintain information security policies, standards, procedures, and guidelines. Conduct regular risk assessments, including third-party risk assessments, to identify potential information security risks and recommend risk treatment plans. Manage security incidents, including investigation, containment, and resolution, and implement preventive measures to mitigate future risks. Collaborate with internal stakeholders, including technology, operations, risk and compliance teams, to ensure alignment of security initiatives with business goals and objectives. Provide guidance and support to internal teams on information security best practices, standards, and compliance requirements. Monitor the design and operating effectiveness of information security controls to identify control gaps or weaknesses and recommend remediation measures. Stay abreast of emerging threats, vulnerabilities, and industry trends to proactively address potential security risks. Develop and deliver security awareness training and education programs for employees to promote a culture of information security awareness and compliance. Prepare regular reports and updates to senior management and relevant Committees on the status of information security initiatives, metrics, and incidents. You have Bachelor's degree in information security, computer science, or a related field. Relevant certifications such as CISSP, CISM, or CISA are desirable. Strong understanding of information security frameworks, principles, practices, technologies, and standards, such as NIST CSF and CPS 234. Proven experience in developing and implementing information security strategies, policies, and procedures. Sound knowledge of information security technologies, such as firewalls, SIEM, DLP, encryption, and endpoint security. Experience with cloud security principles and technologies, preferably Microsoft Azure, Microsoft 365, or AWS environment. Sound analytical and problem-solving skills, with the ability to assess complex security issues and recommend effective solutions. Effective leadership skills to mentor and coach cross-functional team members. Good communication and interpersonal skills, with the ability to effectively engage and collaborate with stakeholders at all levels of the organization. A commitment to professional development and continuous learning to stay current with industry trends and best practices. Understanding of governance processes for Boards & Committees. Experience in the financial services sector or regulated environments. We are an equal opportunity employer committed to creating a workplace that values diversity, equity, and respect for all individuals. Interested and suitably qualified candidates should submit a copy of their updated CV. We are reviewing applications as we receive them, so apply today to ensure you don't miss out on this fantastic opportunity! Please note that to be eligible for this role, you are required to have permanent Australian working rights and residency. #J-18808-Ljbffr