Job Title

Join to apply for the General Manager Information Security role at CareSuper. At CareSuper, we believe were Super Together. As a profit-to-member super fund with over 550,000 members and $55 billion in assets, were passionate about helping our members retire with confidence. Were growing fast and looking for our next superhero to join us on this exciting journey. About the role Reporting to the Chief Technology Officer, as our new General Manager Information Security, your mission will be to provide strategic leadership and enterprise accountability for CareSupers information and cyber security posture. This role ensures the confidentiality, integrity, and availability of Fund systems and data, maintains compliance with regulatory obligations, and embeds security into technology and business operations. It drives the cyber strategy and fosters a fund wide culture of riskaware decisionmaking. Responsibilities Provide senior guidance, advice to and governance of the information security policy program, focusing on continual improvement strategies Oversee, develop and execute the cyber security roadmap in alignment with the existing information security strategy, regulatory compliance obligations and partner agreements Strategically lead a team of Cyber and Information Security professionals to deliver on the cyber security road map Oversee, manage and maintain an effective human risk management program based on cybersecurity awareness and training Oversee, manage and maintain an effective vulnerability management program Oversee, manage and maintain an effective data loss prevention capability to protect sensitive information Oversee, manage and maintain an effective cyber incident response testing program in line with existing procedures and playbooks Oversee, manage and maintain an effective threat intelligence and risk management program based on offensive cybersecurity practices Oversee and manage information security control implementation and integrations Oversee and manage the annual cyber security control assurance testing requirements Oversee and manage ongoing information asset penetration testing requirements Oversee, manage and maintain security operations resource planning and metrics reporting capability Qualifications Extensive leadership experience within Technology A strong understanding of cyber/information security and how to strategically embed best practices into an organization Relevant tertiary qualifications in Technology Professional qualifications associated with cyber/information security management principles (e.g. CISSP, CISM) The strategic thinking to develop and maintain a comprehensive information security policy, standards and guidelines, particularly as they relate to security governance, risk and compliance A strong understanding of the NIST Cyber Security Framework (CSF), ASD control frameworks and cyber security related regulatory compliance frameworks as they relate to the financial services industry A strong understanding of penetration testing frameworks, methodologies, and open source/commercial security assessment tools The ability to conduct quality security risk assessments and manage control frameworks Proven knowledge of risk management and governance frameworks such as NIST, ISO 27001 and COBIT The ability to analyse, prioritise, problemsolve, define process and document procedures Strong written and verbal communication skills for conveying complex security, risk and compliance issues to executives and board members including presenting in professional forums and report writing Project management proficiency across complex, multistakeholder initiatives Experience embedding security into cloud platforms, agile delivery and DEVSECOPS environments Benefits Hybrid and flexible work environment 5 weeks annual leave 16 weeks of parental leave for all eligible employees Holistic health and wellbeing support free annual flu shots, skin checks, Employee Assistance Program External Employee Coaching Program and Professional Development Rewards and Recognition Program, as well as employee discounts and cashback offers on a broad range of products and services How to apply Wed love to hear from you! Just send through your resume and a cover letter. Applications may close early if we find the right person. Next steps Need support during the application or interview process? Were here to help. Just reach out to your talent partner and let us know how we can make the process work for you. Were committed to protecting your privacyyour personal information will be handled with care and in line with our Privacy Policy. At CareSuper, we know that diverse perspectives make us stronger. Were proud to foster an inclusive environment where everyone feels welcome, respected and valuedno matter your background or identity. Job details Seniority level: Director Employment type: Fulltime Job function: Information Technology Location: Hobart, Tasmania, Australia #J-18808-Ljbffr