Talenza has partnered with an international mining firm for the search and selection of a Cyber Security Risk Advisor. This is an awesome opportunity to gain exposure across a diverse and complex business and across multiple technical domains.
You will contribute to the improvement of the organisation's cyber security posture through the provision of pragmatic cyber security guidance, and by conducting cyber security risk assessments to identify risks and appropriate controls. You will be providing cyber security risk advice and assistance in a practical business context to better enable secure innovation in support of the organisation's mining future.
This role is paying up to around $125,000 base. It would suit someone who brings expertise in two technical security domains (I.e. applications, networks, systems, cloud, IoT, mobility, ICS, OT, etc) with an interest in providing risk advisory and a passion for learning about new security concepts.
- Provide effective and pragmatic cyber security guidance up-front in major technology projects, to enable the business to innovate securely
- Conduct cyber security risk assessments of new and existing technologies to identify risks, and appropriate controls that balance security and operability
- Communicate risk assessment findings to both technical and non-technical audiences, including Information Systems & Technology (IS&T) business partners and project stakeholders
- Support cyber security aspects of business acquisitions and divestments
- Conduct supplier, service provider and RFP contract reviews
- Support the business' adoption of cyber security group standards and guidance
- Practical experience in a cyber security based role, preferably in a large organisation, or a similar asset intensive industry
- Experience in identifying and understanding cyber security risk in both Information Technology (IT) & Operational Technology (OT) contexts.
- Familiarity with industry leading cyber security frameworks for identifying and managing cyber security risk (e.g. NIST, ISO, NERC CIP, ISA/IEC etc.)
- Strong interpersonal, communication and influencing skills to build credibility and collaboration
It will also be beneficial if you have the following experience:
- General or OT specific Cyber Security certifications e.g. GICSP, GRID, CISSP, CISM, CEH etc.
- Experience managing cyber security risk in the adoption of emerging technologies such as IoT, cloud and mobility
- Experience managing cyber security throughout safety lifecycles, understanding relative independence and integrity of multiple layers of protection in instrumented systems, including Safety Instrumented System (SIS).
Although desirable, no previous exposure to mining is required for you to be successful in this role.
- Competitive salary package with annual cash incentive awards (STIP) for eligible employees
- Discounted Health cover scheme (Medibank) for employees and their immediate family.
- Flexible work arrangements supported
- Eligible for the employee share programme.
- Salary sacrifice & packaging options
- Paid parental leave up to 9 months.
- A work environment where safety is always the number one priority.
- Learning and development opportunities to support your desired technical, or leadership career path.
- An inclusive and supportive environment
- Option to work from home 2 or 3 days in a week