|Job Type:||Full Time|
Build your career and Australia’s future.
Not many people can say they are working on building Australia’s future.
With us you’ll be doing just that, leaving a legacy for all Australians. Plus, there’s equal employment, great training and true flexible working arrangements.
The Security Confidence and Risk (SCR) team is part of the nbn Security Group and operates nbn’s Security Risk & Assurance program ensuring nbn assurance obligations are met while providing confidence to management that assets have the appropriate protections in place
A bit about your role
The Senior Security Risk and Remediation Partner reports to the Security Risk and Remediation Manager and the will broad scope of this role is to mature and monitor nbn’s Security Risk profile.
This role will be undertaking Security Risk Assessments and developing and monitoring Security Risk Acceptance documentation (including Treatment Plans) and will also provide SME advice to assist Business Units in their 1st line Security Risk Assessment and Security Risk Acceptance activities.
You will be required to maintain strong relationships with the business both horizontally and vertically, in order to ensure that the impact and remediation of security issues are communicated broadly across the business.
The role will monitor and report Security related remediation activities and track progress to remediate risks to remain within agreed risk tolerance.
In order to manage the scoping, execution and reporting of Penetration activities, the role will need to identify and articulate how real-world threats and threat actors behave and provide specialist security risk SME advice to assist in simulating this behaviour within the scope of individual assurance activities while reducing operational risks to nbn environments.
This role is accountable for:
- Execute a comprehensive Security Remediation & Risk Program, that is compliant with nbn Security & Risk policies, guidelines and appetite
- Work closely with nbn teams to assess Business Unit Risks, including risk identification and compensating controls, treatment plans, exemption processes (including delegations for risk acceptance) rating of risks are consistently addressed and aligned to nbn risk matrix and completing appropriate documentation
- Develop and update an enterprise security risk profile, including and an agreed Risk Appetite. (signed off by relevant governance body or delegated persons)
- Provide input into the Assurance program of work ensuring that prioritisation is based on Security Risk Profile
- Developing and managing nbn Security Remediation Plan. Track issues and ensure all Treatment Plans and Exemptions are managed in a timely manner, and exceptions (issues, including agreed timelines) are appropriately escalated
- Providing timely input for management reporting including: Security Governance Council, Integrated Assurance Forum, ExCo reporting and Board reporting as required
- Drive continuous improvement in security remediation & risk processes and compliance reporting,
- Drive BPE culture in security risk, including the use of risk/remediation tools
- Coordinate a risk and scenario-based Penetration Testing program to provide business and technical stakeholders with a view of the security issues that may be exploited by a threat actor to compromise the Active Network and/or Corporate Network.
A bit about you
In this role, the Security Risk and Remediation Partner will have exposure to dynamic operations environments, strong analytical and reporting skills, capable of operating effectively with ambiguity in a matrix management structure, and able to translate complex concepts into language that can be understood by business stakeholders.
In addition to this, the Security Risk and Remediation Partner will be:
- Experienced in security and risk management fields
- Broad experience in information, cyber and protective security policy gained in large corporate, consulting or government environments
- In depth experience with control frameworks (eg CobIT, ISO27000)
- In depth experience in developing & managing risk and remediation programs
- In depth experience in developing & managing security programs
- Consulting and stakeholder management
- Influencing without direct authority
- Ability to deal with ambiguity and lead through adaptive challenges
- Provide thought leadership and recommendations to the Security Management Team on a regular basis to keep them informed of trends from stakeholder interactions
Life at nbn
Nbn can become your home for a dynamic and complete cyber security career. This critical national infrastructure company offers positions across all the major domains of cyber security from future forecasting, policy development, architecture, design, development, operations, crisis management, risk assessment, supply chain security, behavioral analytics and forensics, from apprentice positions to those of senior executive management – collectively providing you an unbridled set of career opportunities.
No matter where you want to take your career in cyber security or telecommunications, nbn offers career paths, training and experience to help you achieve your goal. Nbn is seeking to make you a highly skilled employee, proud of your company and of your accomplishments.
At nbn our people have a clear and shared purpose - empowering Australians to and redefine the way they live, work and play into the future. As one of the Australia’s largest infrastructure projects ever undertaken in Australian history, you’ll be part of a team building a brighter future for the country.
nbn is committed to an inclusive, flexible and supportive workplace. We strive to ensure that any barriers that may exist are removed to allow everyone equal opportunity to thrive and succeed, regardless of factors such as gender, those who identify as First Peoples, LGBTI+ status, cultural background or disability. We actively focus on encouraging diversity and ensuring that all our people have fair opportunity to reach their career aspirations and potential.
We actively focus on our people having a fair go at reaching their career aspirations. We’re committed to equal opportunities for all employees, with a target of 33% of women in senior management by 2020. With initiatives like Women’s Leadership Programs, a commitment to equal pay, flexibility and market leading parental leave, we truly are paving the way for true equality in the workplace.
Continue the conversation
If you think this role might be for you, we want to hear from you. Please apply by following the links and sending in your resume only. We do not require a cover letter or any selection criteria to be addressed.
At nbn our people and our planet matter. We have an unwavering commitment to the wellbeing and safety of our employees so that everyone goes home safely each day and can perform at their peak to deliver the nbn™ network. nbn also aims to build a network that minimises energy use and can be operated with minimal impact on the environment.