Osborne Richardson are public sector recruitment specialists with over 30 years’ experience. Our IT Division is headed up by an IT Project Manager with over 20 years' experience running complex projects, so when you engage with Osborne Richardson, you are working with a recruitment consultancy who has walked the walk.

• 12-month contract
• $ negotiable
• Start ASAP

About the role:

This role is primarily responsible for protecting Councils computers, networks, information, and devices from malicious activity. This role will work closely with the Chief Digital Officer and other key stakeholders to identify and mitigate cyber risks, develop security policies and procedures, manage security incidents, implement cyber training and increase awareness.

The position will be required to ensure all technology projects and changes consider and design in compliance and security as core deliverables. This role will work with stakeholders across the Council, including elected Councillors, executives and if required, constituents.

Key Responsibilities:

• Guided by Council’s Cyber Security Strategy create a Cyber Security Framework for the Council.
• Develop and implement a comprehensive cyber security program that supports the Cyber Security Framework, aligns with industry best practices and regulatory requirements.
• Conduct risk assessments and vulnerability scans to identify potential threats and vulnerabilities and develop mitigation plans.
• Manage the deployment, monitoring, maintenance, and upgrade of security technologies such as firewalls, intrusion detection/prevention systems, and antivirus software.
• Lead incident response activities to mitigate security breaches or incidents and conduct forensic analysis to determine the root cause of security incidents.
• Develop and maintain relationships with key stakeholders such as auditors, vendors, customers, and regulators.
• Collaborate with business units to identify and manage risks associated with new technologies, business processes, or products.
• Lead compliance efforts to ensure compliance with regulatory requirements such as ACSC Essential 8, Cyber Security NSW ‘Mandatory 25’ and PCI-DSS.
• Develop and implement security awareness and training programs for employees, contractors, and partners.
• Participate in the development and implementation of disaster recovery and business continuity plans.
• Report regularly to management and the executive on the status of cyber security, potential risks, and emerging threats.

Experience:

• Degree qualification in Information Technology or a related field
• Strong knowledge of cyber security principles, best practices, and regulatory requirements.
• Experience developing cyber strategy and implementing cyber security programs.
• Excellent strategic, conceptual, analytical, and lateral thinking skills and demonstrated expertise in positively leading and influencing organisational change programs and projects particularly those related to cyber security.
• Experience managing security incidents and conducting forensic analysis.
• Strong project management skills and experience.
• Excellent verbal and written communication skills, and the ability to communicate complex technical information to a diverse range of stakeholders
• Relevant certifications such as CISSP, CISM, or CRISC

Thank you for your interest. We regret that, due to the number of applications received, we will not be able to respond to all applicants.