Senior Information Security Specialist
- Brisbane, Queensland, Australie
Senior Information Security SpecialistThe opportunity
We currently have an exciting, open term full time opportunity for an Information Security Specialist to join QIC's IT Risk and Security team in Brisbane CBD.
Reporting to the Chief Information Security Officer, you will be a core team member providing specialist support and advice to management concerning security controls, vendor security technologies, processes involving and affecting information and technology within financial services.
With your aptitude to deliver quality results, willingness to add value to and grow within the team, you will play a critical role in supporting activities across control management, vendor management, incident management, risk and security reviews, response planning, reporting and record management within information security.
In this role you will be working within QIC's cloud technology and alongside QIC's partners' global security operation centre, using leading security and technology to analyse and detect threat events, determine risk and identify areas of focus and concern.
The key accountabilities include but are not limited to:
- Security Framework / Roadmap - Planning, designing and implementing an overall IT Risk and Security management process.
- Control Management - review and monitor QIC's information technology security control environment.
- Incident Management - execute incident management procedures including monitoring and manage all local security breaches and handling of security incidents, root cause analysis and impact, taking appropriate action to prevent recurrence wherever possible.
- Security Search, Correlation and Data Analytics - Lead the development, enhancement and life-cycle of effective security search, correlation and data analytic activities using QIC's event data and logging platform.
- Response Planning - Develop and maintain the security incident response plan and process, including tests and simulations.
- Reporting and Communication - prepare regular business and executive security and risk reporting based on ongoing information and metrics either internally or externally as appropriate.
- Record Management - maintain control registers, forms and documents relating to events, records, incidents, information and communications of a security or risk nature within QIC.
The ideal candidate
This career defining position provides an exciting opportunity to join a high-energy technology team and together contribute to the success of QIC's diverse investment capabilities.
As a senior member of the team you will provide support, leadership and strategic direction to the team inspiring people to do their best work.
As a strong candidate, you will have at least 5 years' experience working in Information Security, risk management or cyber security, along with excellent report writing and communication skills.
- Degree in Information Technology (or similar); or
- Recognised qualifications in Information Technology; or
- Knowledge and experience in Splunk or similar SIEM technologies; or
- Specific training in Information Security or equivalent experience.