Job Title

Spirit Managed Services is now branded Infotrust. CyberEmergency Number: 1300 554 798 IT Support Number: 1300 007 001Security Consultant (GRC)Sydney, NSW | Melbourne, VIC | Brisbane, QLD | Home CareersThe OpportunityThe Security Consultant will work with the wider Consulting team, responsible for the development and delivery of Governance, Risk and Compliance services. This involves the end-to-end delivery for our customers and to a certain extent, business development. A key part of the role will involve directly engaging customers to provide security consulting, aligned to deliverables. These include information security assessments, information security awareness, risk assessments and more. The role will also involve working with the Sales teams and PreSales teams across Infotrust.ResponsibilitiesDelivery of Consulting ServicesInformation Security AssessmentsInformation Security Awareness consultingPresales working with the sales function to present and respond to technical requirementsTechnical expertise on specific services/products for presales for key/large enterprise as/when neededDelivery of consulting services to clients, as per scopes of work that are signed before commencementDelivery of adhoc advisory to clients within the realms of information security, governance, risk and complianceEvangelise security best practice, research and knowledge sharing amongst customers and prospective customersServices Delivery ManagementAdhere and contribute to SLA''s, metrics, reporting, project scoping and management, customer escalation, engagement management, etcManagement of internal security governance, risk and compliance using the ''eating our own cooking'' approach.Key Competencies & ExperienceDevelop Information security governance & risk management strategies, frameworks (ISO27001 & PCIDSS), policies, standards and metrics to measure maturity of overall security operations in alignment with business priorities and its tactical/strategic objectivesPerform reviews, assessments and system implementations based on industry/regulatory requirements such as ISO27001, NIST Cybersecurity Framework, Australian ISM, etc.Scope required activities and perform project estimates as required, ensuring that consulting activities defined in these scopes are delivered to the highest standardsEngage in skills transfer both internally and with customersDeliver assignments securely on time within budget and share results and recommendations to both technical and nontechnical customers, in the form of either inperson presentations, written or verbal reportsDevelop and maintain strong relationships with customers through timely delivery of projectsConduct project management, where requiredMaintain Infotrust''s internal security standards and confidentiality of customer material as defined in our ISO 27001 aligned ISMSPerform reviews and assessments based on industry and regulatory requirements, including ISO 27001, NIST Cybersecurity Framework, PCI DSS, Essential Eight, CPS 234 and the Australian Information Security ManualSkillsMinimum of 23 years'' experience in IT, preferably in information and cybersecurityMinimum 12 years'' experience in GRC focused roleExperience in conducting IT security and cyber/information security assessmentsExperience assisting with audits (internal & external) and auditorsProven track record building strong relationships with key business leaders and stakeholdersPractical understanding of Information Security Standards & Frameworks, for e.g. NIST CSF, ISO 27001, GDPR, ASD, ISMGood to have 1 or more professional Information Security certifications (ISO 27001, CISSP Associate, CompTIA Security+ or equivalent)Personal AttributesStrong Stakeholder management capabilitiesOutstanding verbal and written communicationAdaptability to changeAbility to align Cyber/Information Security objectives with key business goalsPrepared to act as a ''handson'' leader, as requiredHOW TO APPLYPlease send resumes to: [email protected] #J-18808-Ljbffr