This role will drive the protection of the organisation's information systems and data from cyber threats. You will be responsible for identifying and capturing threats and risks, designing and implementing mitigating controls and improvements, and developing governance and processes to ensure operational activities are suitably performed and managed. You will be responsible for the definition and delivery of the Cyber Security Strategy and Roadmap and will deliver programs to uplift maturity against security frameworks such as the Australian Energy Sector Cyber Security Framework (AESCSF). You will work across the organisation with a range of stakeholders and will focus on both IT and OT domains. Manage the identification, collation, and ongoing activities relating to the cyber risk register. Design and deliver treatments including technical and procedural improvements Collaborate with system owners, including OT asset GMs, to ensure Cyber Risk assessment gaps and actions are understood, formally assessed, and adequately budgeted and prioritised. Act as the primary point of contact for technical cyber incident response, coordinating internal and external resources, supporting business response, and reporting to Incident Controller and crisis management teams. Provide expert advice during the planning and review of new IT and OT systems or services and oversee the design and implementation of effective controls. Oversee the strategic delivery of cyber security platforms across IT and OT. Ensure appropriate tooling, processes, and training are in place to mitigate risk and maximise investment value. Develop and deliver timely, actionable cyber security reporting. Maintain and evolve metrics in consultation with the IT Operations & Cyber Security Manager. Support financial and other audit activities, including compiling documentation and evidence, and implementing improvements to streamline future efforts. Essential criteria 8 years expertise in cyber security discipline within an enterprise environment. Expertise in cyber security architecture technologies and concepts: firewalls, intrusion detection, assessment tools, encryption, certificate authority and others. Experience implementing, managing, configuring and monitoring security systems (such as firewalls, secure host management, allow listing, endpoint protection, vulnerability assessments, security information and event monitoring solutions). Demonstrated understanding of common industry cyber security attack frameworks and concepts that facilitate the provision of modern IT services and business processes (for example, Lockheed Martin’s Cyber Kill Chain, MITRE ATT&CK framework, Zero Trust architecture). Demonstrated understanding of key security standards to ISO 27001:2013, ISA/IEC 62443, NIST Cyber Security Framework, Australian Energy Sector Cyber Security Framework (AESCSF), Essential8 and others. APPLY NOW - Don't send a cover letter, just your CV Or call me, Mouse Croghan on 0404 380 704 for a confidential chat or for more information or email me at mouse.croghan@textureconsulting.com.au No overseas applications - Must be in Australia and have full work rights
