Information Security Consultant - Internal Only

About the role

The Information Security Consultant role is responsible for the delivery of our information security program to customers and partners. This role will predominantly deliver on enterprise customer consulting engagements and lead the information security work program for the Digital Transformation Hub (DTH).

Reporting to the IT Services Delivery Manager, the Information Security Consultant will be responsible for:

• Leading, as a senior consultant, discrete end to end security advisory and implementation projects for IT Services customers
• Developing and maintain resources, specific to the implementation and integration of the Essential 8 framework for Infoxchange customers.
• Responding to security awareness and training communications needs for use across the organisation including a plan to support external information security partner programs within Infoxchange Group
• Liaising with stakeholders to conduct information security risk assessments for projects or initiatives, and recommend security controls to address risk
• Providing specialist info sec support to Infoxchange customers for planned & unplanned incidents.
• Providing security advisory services to community and not for profit sector through the DTH.
• Leading the development of the information security work for the Google funded program development.
• Assisting with the development of strategy and implementation of product & service offerings to the NFP sector.
• Being a core part of the security incident response team and liaise with stakeholders as part of incident response activities
• Assisting with the collection of metrics and measurements to provide indicators of the performance of the information security program, including evidence required for security audit purposes
• Participating in learning opportunities to gain understanding of changes to the threat landscape, emerging trends in technology and security process improvement

About you

To succeed in this role, you will have:

1. Bachelor’s degree or equivalent majoring in IT, Computer Science or equivalent, or working towards
2. A good understand of information/cyber security concepts and terminology including security controls and risk management terminology
3. Demonstrated experience in delivery of customer projects, scope management and project reporting
4. A technical background with understanding of computer networks and concepts of secure systems design and development
5. Understanding of the technical aspects of information security including network security controls such as firewalls, network segmentation etc
6. Effective stakeholder engagement and management
7. Strong written and verbal communication skills
8. A proactive, collaborative approach to problem solving
9. Demonstrated accountability and commitment to fulfill the duties and responsibilities of the role
10. A desire to learn, be innovative and continuously improve personally and professionally to make a difference in the not-for-profit and community services sector

It would be desirable if you also had:

1. Knowledge of and experience working with information security frameworks, standards and principles such as ASD Essential 8, ISO27001/2, NIST
2. Information security certifications/qualifications: Comptia Security+, Certificate in cybersecurity
3. Experience implementing security awareness or other technology education programs

Applications close Friday 21 April 2023.

To express interest in this position, please click on the apply button.