This role will see you develop, implement, maintain and report on information security and IT compliance. It plays a pivotal role to ensure robust application and compliance of security technologies and strategy.
Ensure compliance with the Australian Government Information Security Manual and Protective Security Policy framework
Maintain and improve ISO 27001 compliance in regards to our contract
Investigate, document and report on information security issues and trends
Log analysis, threat research and hunting and cyber analysis
Lead, coordinate and execute proactive advice and guidance
Proven ability to uplift cyber capability
Security incident, event management and ability to manage stakeholder expectations
Previous experience with regulatory, compliance and IT security management framework
Can develop security related documents and procedures
Experience working within a complex entity across ICT risk and security management
Superior analytical and communication skills
Please see full description following
MAX Solutions is committed to improving the lives of others. Providing employment, health, training and humanitarian services in more than 250 locations around Australia, MAX Solutions invests strongly in the development of our people. We foster strong relationships between staff, clients and the community and are driven to make a difference.
Reporting to the IT Operations Manager, the IT Security Analyst will be responsible for developing, implementing, maintaining and reporting on MAX Solutions information security and IT compliance functions designed to protect MAX Solutions assets. The IT Security Analyst will play a pivotal role in collaborating with the IT Department, across all Business units and with external security partners to ensure robust application and compliance of security technologies, strategies, policies, procedures and frameworks are in place. The role ensures that existing and new services not only meet Business needs but are cyber risk managed based on ISO 27001 and best practice information security principles.
Ensure compliance with the Australian Government Information Security Manual and Protective Security Policy Framework
Maintain and improve ISO 27001 Compliance and how it applies to our contract
Investigate, document and report on information security issues and emerging trends
Perform log analysis, threat research and hunting, and cyber intelligence risk assessments
Act as the subject matter expert and provide advice to internal stakeholders on Cyber Security
Maintain policies, operational procedures and document processes
Develop and maintain security incident management and vulnerability management program
Support the IT infrastructure team in monitoring, analysing, and trending log data for many data sources
Lead, coordinate, and execute proactive information security advisory and guidance to the Business, technology and project teams covering cyber security, disaster recovery, management of data, user access management, and management of third parties
Peer review system changes to ensure security compliance and system/data integrity
Assist in responding to tender documents around our cyber security posture and assist in planning any uplifts required to meet required standards
Comply with all WHS procedures ensuring that team members including volunteers and contractors abide by all relevant health and safety procedures
Act as a role model by demonstrating safe work behaviours and report all accidents, incidents or near misses immediately. Comply with all WHS procedures ensuring that team members including volunteers and contractors abide by all relevant health and safety procedures.
Proven experience working in a multi-disciplinary team environment, building rapport and managing stakeholder expectations
Proven ability to uplift cyber capability
Experience in security incident and event management
Previous experience working in an organisation that has a highly regulated environment
Experience with regulatory, compliance and IT security management framework
Exposure to industry standard security frameworks (e.g. NIST, ASD, ISO27001, APRA CPS 234)
Development of security related documentation (policies, procedures, standards)
Exposure to the performance of penetration testing and vulnerability scanning
Exposure to cloud-based technologies
Knowledge of Jira
Develop Cyber security reports and dashboards.
Exceptional customer service orientation
Ability to handle multiple requests and prioritise
Strong interpersonal skills
High levels of attention to detail
Naturally analytical and curios with a tendency to problem solve.
Ability to effectively communicate with stakeholders at all levels
Demonstrate strong customer service skills
Proven ability to analyse, interpret and present information back to stakeholders in user-friendly language to ensure a clear understanding
Prepare, read, comprehend and analyse a variety of complex reports, logs, spreadsheets, plans, documentation and correspondence
Speak to individuals or groups of people with poise, voice control and confidence
Ability to prioritise and execute tasks in a high-pressure environment
Experience working in a team-oriented, collaborative environment
Manage multiple high priority initiatives in a fast paced, highly technical environment
Successfully perform the planning, directing, reporting and administrative responsibilities of this
Strong Problem-Solving and Analytical Skills.
Qualifications/Requirements - Mandatory
BSc degree in Computer Science, Information Technology or relevant field
Minimum of 3 years’ experience working in a complex entity across ICT risk and security management
Australian Citizenship or Permanent Resident
We adhere to the National Principles for Child Safety and require all team members to be committed to child safety and wellbeing. Our induction and training will provide you with an understanding of these principles, including having an understanding of children’s developmental needs and culturally safe practices
Hold or have the ability to obtain a current Police Clearance and Working with Children Check.
Qualifications/Requirements – Preferred but not essential