Harrington Starr are seeking a BISO (Business Information Security Officer) for a global trading organisation based in Sydney.
This role will involve evangelising all elements of business information security, encompassing user awareness, data analysis/production of dashboards, third-party supplier management, liaison with technical cyber teams and the wider technology function, and stakeholder management up to C-level. The position will also play a key part in defining the cyber security strategy of the organisation.
A brief overview of what the role will involve includes:
- Help establish security policies, procedures, and guidelines on a variety of information security controls
- Analyze source system data, existing data models, and profiling data to uncover additional security insights not inherently visible
- Assess surface security risks and propose ideas and recommendations to mitigate threats
- Prepare dashboards and technical reports by collecting, analyzing and summarizing information and trends
- Provide support to the Global SecOps function in the planning, deployment, and execution of the security business plan
- Act as a liaison to the business and IT groups and assist them in the implementation of data security, compliance requirements, and information security technologies.
- Partner with the enterprise architecture team to create, publish, and continuously improve the information security architecture for the enterprise
- Identify regional information security issues and gaps with the enterprise information security policies, standards, and procedures among employees, contractors, alliances, and other third parties
- Map regional legal and regulatory requirements and developments onto global policies/procedures and make suggestions where needed
- Coordinate the execution of security governance and assessment control initiatives and Cybersecurity Awareness Programs, and assist with implementation where needed

In order to be considered, you will need a proven track record in a similar BISO role, with good broad knowledge across both security risk and compliance and the ability to liaise with technical teams. There must also be demonstrable knowledge of working with C-level stakeholders, ideally in a global environment.