Information Security Specialist

Last updated 5 days ago
Location:Macquarie Park
Job Type:Full Time

Job Title: Information Security Specialist (networks)

Location: Macquarie Park

Position Summary

The position will be responsible for safeguarding information system assets by identifying and solving potential and actual security problems. The individual must possess a working knowledge of current and developing security threats and technologies to support research and recommendations. They will work closely with management, other team members, and operation teams to ensure data protection for systems used by all areas of Optus. It is expected that this role will focus 80% effort on technical security responsibilities, and remaining 20% on information security governance, risk, and compliance responsibilities as required.

Working as an Information Security Specialist, the role will:

  • Perform Security Risk Assessments (SRA) for Optus Projects
  • Certify new network platforms (projects) to be compliant with the set of regulatory/mandated security obligations
  • Certify new web applications / infrastructure and changes to existing web applications / infrastructure
  • Enforce compliance of applications with Singtel IT and Network Security policies, Australia / Singapore privacy and regulatory requirements
  • Advise projects on the optimal course of remediation by analysing the results of the penetration

Key Responsibilities

  • Contribute to the development of Optus' sustainable and repeatable privacy-by-design program, including, but not limited to the rollout of periodic training and awareness initiatives.

  • Review policies and procedures relating to privacy and data protection.

  • Support our privacy incident management framework and recommend appropriate controls to contain (and mitigate) potential technical vulnerabilities.

  • Review the security policies, procedures and standards

  • Identify and communicate security non-compliances and vulnerabilities that could impact business operations.

  • Assess, document and communicate risks in context with business operations.

  • Develop and communicate remediation plans capable of reducing risk to the organization.

  • Assist business owners with prioritizing risks and consulting users on adequate compensating controls to reduce risks.

  • Manage CSRC compliance to deliver CSRC compliance

  • Work with CSRC leaders to establish/fine tune controls and process.

  • Establish processes and tools to effectively deliver:
    • Third Party Compliance
    • URL/Websites compliance
    • Application Systems

  • Perform SRAs to the projects assigned.

  • Evaluate the programs for security risks per the SRA norms and

  • As a security SME guide the program for risk remediation in the most cost and time effective manner.

  • Work with Deviation Committees to assist projects in making secure and compliant design and achieve compliance.

Experience and Qualifications

  • Degree in Computer Science, Information Technology or equivalent (or compensating experience).
  • CISSP accreditation
  • 3+ years of experience in Cybersecurity risk assessments, delivery of core security solutions and security compliance management.
  • Requires knowledge of security issues, techniques and implications across all existing computer platforms.
  • Knowledge of information security principles and practices, understanding of security protocols and defense in depth.
  • Demonstrated ability to conduct research into security issues and products as required
  • Knowledge of various IT standards and practices such as:
    1. SANS Penetration testing process
    2. PCIDSS
    3. ISMS
    4. OWASP
    5. Australian Privacy Principles.
  • Good analytical and communication skills.
  • Ability to perform under pressure
  • Focused on developing positive results/outcomes
  • Flexibility in approach to problem/issue resolution
  • Team player with can-do attitude
  • Autonomous and self-motivated
  • Ability to think outside the box
  • Good people management skills

Optus believes in the strength of a vibrant, diverse and inclusive workforce where backgrounds, perspectives and life experiences of our people help us innovate and create strong connections with our customers.

Heads Up!
Due to the fast paced nature of our business, vacancy close dates may change, so make sure you apply today!

Due to COVID-19 and the rise of job applicants in the market, it may take us a bit longer than usual for us to come back to you. We appreciate your understanding and patience during these unprecedented times.