29 January

04-2021 - Executive Level 1, Assistant Director - IT Governance, Risk and Compliance, Information Services Branch

The Treasury - Canberra Airport, ACT

IT
Source: uWorkin

JOB DESCRIPTION

The Assistant Director (IT Governance, Risk and Compliance) is responsible for the development and coordination of security risk assessments, and the development and implementation of information security policy, standards and frameworks within Treasury. The role performs system assurance, auditing and reporting activities and develops security policies and procedures to ensure risks are managed and the ICT environment is compliant with the PSPF, ISM and Essential Eight (E8). The role is also responsible for business engagement and liaison activities between cyber security and business areas, as well as other external stakeholders.

The Assistant Director works closely with the Director (Cyber Security)/IT Security Advisor (ITSA), the Cyber Security Operations Team as well as Director (Protective Security) and other IT Operations Teams to ensure comprehensive and PSPF/ISM compliant security documentation is established and maintained, and that comprehensive work plans and reporting frameworks are also in place. The Assistant Director monitors the security posture of the organisation and provides proactive proposals to the Director, Cyber Security and Chief Information Security Officer (CISO).

The Assistant Director performs risk assessments of all systems in line with Treasury’s Authority to Operate Framework and performs security technology governance, risk, and compliance activities of on-premise and cloud solutions including Microsoft Azure and Microsoft Office 365 as well as other Cloud tools used at the Treasury.

The Assistant Director will also be responsible for the security culture of the organisation by providing formal and ad hoc advice and delivering security briefings and security awareness training when required.

The Assistant Director provides specialist advice to support the development of new ICT capability, plays an active role in design authority (DA) and change management (CAB) and works to improve the Cyber Security capability.

Summary of duties for the Assistant Director (IT Governance, Risk and Compliance) includes:
  • Performing risk assessments
  • System assurance and compliance activities
  • Auditing and reporting (including developing reports and dashboards)
  • Business engagement
  • Development of security policies and procedures
  • Advice, briefings and security awareness training
  • Contribute to the team and enhance Security Unit competence
  • Maintain and improve security culture of the Department
  • Perform incident response and reporting, and assist operations team as required.
The work is characterised by:
  • Making decisions within internal policies and operating procedures consistent with regulatory requirements (PSPF) and IT Security Standard (ISM).
  • Provide advice on ICT security matters to the Agency's IT Security Advisor and Chief Information Security Officer as well as the wider Department.
  • Management of competing and changing priorities.
  • A strong team environment.
  • Close liaison and co-operation with internal and external clients.
Desirable Qualifications / Experience
  • Qualification(s) in a relevant field, including but not limited to, cyber security and/or ICT.
  • A minimum of 5 years’ experience in Cyber Security.
  • Experience in technical security, other security fields and/or ICT is desirable.
  • Experience in dealing with high levels of classified material in a multi-classified environment.
  • Demonstrated capacity to provide timely, compelling and concise advice to inform executive members and senior management to support decision making.
  • Certified Information Security Manager (CISM) and/or Certified Information Systems Security Professional (CISSP).
  • SANS specific security training.
  • Demonstrated experience leading a team to achieve high performance and meet organisational and business goals.
  • Demonstrated experience in risk management, policy and strategy development.
  • Demonstrated experience in a government context.
  • Experience with hybrid environments, including on-premise and multi-cloud platforms.