Manager, Security Control Assessment | NSW Sydney All
Category: Risk and Compliance
Position Type: Full Time
Attachments: Manager, Security Control Assessment.docx (Word, 50KB)
Application Close Date: 09-Dec-2018
#Closer #Braver #Faster
IAG needs to ensure that our uplift in Digital capability is matched with a MAJOR uplift in our information security capability. This newly created role within our Group Risk Cyber Security Assessment & Education team plays a critical part in ensuring that the necessary security control measures are in place to safeguard IAG against any major sophisticated cyber-attacks.
As the Manager, Security and Control Assessment, you will be accountable for protecting our digital information and assets by managing a program of work to continuously assess the control effectiveness of our systems and third-party business and technology service providers.
- Implement a Security Control Assessment Framework (40%) – ensure that new and existing systems and third parties comply with security requirements by conducting assessments of systems and/or processes
- Payment Card Industry – Data Security Standard (20%) – Implement a program of work to continuously check that we are meeting our PCI-DSS obligations, including the performance of the annual attestation of compliance
- Security Cloud Assessment Framework (20%) – assist with framework implementation, identify and manage instances of Shadow IT, and work with the Cyber Strategy & Governance team to identify high-risk implementations and ensure that treatment plans are created
- Reporting & analytics (10%) – update and maintain Cloud and Certification dashboards and assist the Cyber Security Assessment team to develop and implement regular reports that showcase how security assessments positively affect the overall risk profile
- Process Improvement (10%) – identify practical improvements to processes that would improve agility and allow greater utilisation of self-service capabilities
Skills & Experience
- Experience performing security assessments using NIST CSF, NIST SP 800-53 and ISO 27001.
- Experience managing PCI-DSS compliance programs.
- Experience performing cloud security assessments.
At IAG, we believe that everyone has a unique point of view to share, shaped by their life experiences, cultures & passions. We celebrate and commit to:
#Proud to be me – we value difference, not sameness
#Together – harnessing our collective wisdom enables us to be our best for our customers & each other
#No boxes – it's not about labels, boxes or categories. It's about building a diverse and inclusive mindset into everything we do
IAG is the largest general insurance group in Australia and New Zealand. IAG owns some of the region's most trusted brands, including NRMA Insurance, CGU, SGIO, SGIC, WFI and Swann Insurance.
Start your career journey and join an inclusive culture that celebrates YOU!
We offer 13% superannuation, flexible work and leave options. To find out more, click Apply.
We encourage Aboriginal and Torres Strait Islanders to apply for this position.