Cyber GRC Professionals. Are you keen to join an existing project team to assist in implementing an ISMS based on ISO 27001, the ASD ISM and the PSPF?
If you answered yes, then this is your opportunity to make a major impact on a large-scale ISMS implementation for one of Queensland’s most well-known and established organisations. You will form part of the ISO 27001 Implementation Project team, and partner with business units across the organisation to ensure compliance with applicable requirements and best practices.
What’s in it for you?
- Fully remote working can be supported if you are currently located in South East Queensland (but ideally one day a week in the office: modern, plenty of parking, break-out spaces, outdoor areas)
- Work with an experienced, supportive team (you will work hard, but have fun doing it)
- Rare mix of GRC, technical, and stakeholder management
- While the initial contract is just for six months, there is a high likelihood of extension
- Reporting to a gun of a Lead Implementer. Experienced. Adaptable. If you like people who are upfront without being abrasive, you will get along.
So what will you actually be doing in this newly-created role? Firstly, you’ll be joining a large enterprise that has established a multi-year security journey, and you’ll be part of the team focusing on ISO 27001, so a lot of your work will focus on assisting in driving the ISO 27001 programme to maturity.
Will you be working on your own? Definitely not. You will be working with some of the best cyber GRC professionals who will be in the trenches with you. They’ve done this before and know what they’re doing.
Specifically, you will be expected to do the following:
- Develop, implement, and maintain the ISMS in accordance with the following standards and legislation: ISO/IEC 27001, the ASD ISM and Essential Eight, the Protective Security Policy Framework (PSPF), the Privacy Act 1988 (Cth) and the Information Privacy Act 2009 (Qld), among others
- Collaborate with stakeholders to integrate information security requirements into business processes and projects
- Implement ISMS tooling to automate GRC processes
- Facilitate external audits
- Uplift existing risk management processes to meet ISO 27001 requirements
- Conduct risk assessments
There will also be some work across Internal Audit, Management Reporting, Documentation, and Security Awareness and Training as part of your day-to-day.
What you need to be successful in the role:
- Any of the following certifications: ISO 27001 Lead Auditor/Implementer, IRAP Assessor, Security+ or similar
- CISSP, CISM, CISA or CRISC highly desirable
- Minimum 3-5 years in a similar role
If you have read this and are at all interested, please apply. There is a lot more information I can share with you, having worked with this organisation and team for many years.
Click APPLY and/or contact Marcus directly on marcus@decipherbureau.com for a confidential, casual chat.
Decipher Bureau and the clients we partner with are committed to creating a diverse environment and are proud to be equal opportunity employers. All qualified applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.