This is a Principal - IT Security, Risk & Compliance role with Unisys based in Rhodes, NSW, AU.

Role Seniority - senior

More about the Principal - IT Security, Risk & Compliance role at Unisys

What success looks like in this role:

Security, Data Protection & Compliance Leadership
- Lead IT security, information & data security, and compliance functions
- Establish and maintain policies, standards, and frameworks
- Ensure alignment with ISO 27001 and Australian regulations (CPS 230)

Risk Management & Governance
- Own and maintain IT and data risk register
- Maintain risk governance framework
- Identify opportunities for risk mitigation, scope uplift initiatives, present justification to UMP leadership and manage their delivery.

Security, Risk & Compliance Reporting
- Develop monthly governance reports covering security posture, risks, and compliance gaps
- Keep abreast of global information/data security threats/events
- Present insights and improvement opportunities to leadership and in governance forums.

Security Operations & Tooling
- Oversee SIEM/SOC, DLP, PAM, endpoint and network security, identifying opportunities for uplift and proactively addressing them.
- Proactively monitor and manage vulnerabilities across applications and infrastructure.

Platform & Infrastructure Security
- Secure HCI, virtualisation, Windows and Linux environments
- Establish standards and guidelines for infrastructure components for hardening and secure configuration.
- Provide guidance and planning input for scoping and delivering penetration tests by third party partners of UMP.
- Review change requests from a security and compliance perspective.
- Establish standards for network security, and monitor them.

Data Security & Privacy
- Define data classification, handling, retention, and protection standards
- Oversee encryption, masking, and DLP controls

API & Application Security
- Enforce API security standards
- Promote OWASP-aligned DevSecOps practices, incorporating those principles during design and reviewing scanning results to monitor compliance.

Regulatory & Audit Management
- Ensure compliance with Australian regulations
- Lead audits and maintain audit readiness

Governance & Stakeholder Engagement
- Chair security governance forums
- Contribute to security and vulnerability reporting
- Contribute to risk control framework
- Present risk and compliance insights

You will be successful in this role if you have:

Skills & Experience
- 10 years risk, security and compliance experience
- Managing technology risk and compliance (ISO 27001/2)
- Knowledge of secure applications development standards and policies including DevSecOps (OWASP)
- Infrastructure security standards, policies and tools (Qualys/Tenable, Crowdstrike, TUFIN)
- Network zones, segregation and firewall rule standards
- Extensive knowledge of operational security and risk management for financial services delivery such as AML/CTF.
- Data protection and security standards, policies and procedures
- IAM, UAM, PAM

Qualifications
- Bachelor’s or Master’s degree preferably in technology/business from a reputable University
- Certifications in security, compliance, risk management.

Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law. Local employment practices and rights may vary by jurisdiction and are subject to applicable local laws.
This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com. US job seekers can find more information about Unisys’ EEO commitment here.

Before we jump into the responsibilities of the role: no matter what you come in knowing, you’ll be learning new things all the time and the Unisys team will be there to support your growth. Please consider applying even if you don't meet 100% of what’s outlined.

Key Responsibilities
- Leading IT security functions
- Developing governance reports
- Chairing security governance forums

Key Strengths
- Risk management
- Data protection
- Compliance leadership
- Security operations
- Infrastructure security
- Audit management

A Final Note: This is a role with Unisys, not with Hatch.