The Position:
Join our innovative and dynamic team at Compass Group in a hands-on, strategically focussed, business-facing Senior Information Security Manager role. This position will continue to enhance and maintain CGA's Cyber Security strategy and program to ensure information assets and technologies are protected. The role has a strong focus on identifying, evaluating and mitigating risks, working closely with senior management to prioritise security initiatives with appropriate risk management and business justification, and ensuring compliance with regulatory requirements.
This role will work closely with the Group CISO, group security team and Regional Risk and Security Officer to deliver on Compass Group wide cyber activities and will lead the security posture of Compass Group Australia.
Key responsibilities include:
1. Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program for CGA
2. Collaborate and partner with the business units to facilitate risk assessment and risk management processes and enhance the key control framework
3. Create and manage a targeted information security awareness training program for all employees, contractors and approved system users
4. Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
5. Oversee the management of security incidents and response planning to protect IT assets, including intellectual property and regulated data
6. Monitor the external threat environment for emerging risks. Identify, assess and prioritise potential risks, work to mitigate them, and advise relevant stakeholders on the appropriate courses of action
7. Manage the development and implementation of security policy, standards, guidelines and procedures to ensure ongoing maintenance of security
8. Engage in regular audits and assessments of systems and processes and define security metrics and reporting mechanisms
The Person:
1. Tertiary qualifications in Information Technology and in Information Technology Security or equivalent competency
2. Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT and NIST
3. 5+ years’ experience in a combination of risk management, information security and IT roles
4. Professional security management certification, such as CISSP, CISM, CISA or similar credentials desirable
5. Proven experience developing IT security policies and procedures and implementing controls that meet business objectives
6. Excellent written and verbal communication skills, analytical skills, interpersonal and collaborative skills and the ability to communicate security and risk-related concepts to technical and non-technical audiences
7. Strong leadership, negotiation, problem solving and decision-making skills whilst thinking on your feet
The Benefits:
Compass Group is an organisation that's proud of its great people. We believe in the opportunity to recognise and develop great talent and offer many diverse opportunities for career advancement. Recognised as an employer of choice, we also have an attractive benefits program including a competitive salary and incentive scheme, recognition programs, paid parental leave, team event days, site-based benefits, and company discounts.