As part of the Program Delivery Practice within this large government body your role as a Technology and Information Security Risk Consultant will see you accountable for the identification, assessment and reporting on information security and technology risks across the technology stream, providing direction on effective trade-off of cost versus risk, influencing informed management decisions.
A crucial element of this role is working with senior executives, Risk, IT and line-of-business managers to influence decisions on acceptable levels of risk delivered by projects.
- Provide specialist technology risk consultancy and assessment services to manage the Information Security and Technology risks, underlying threats and vulnerabilities across the project portfolio
- Influence leaders in Risk, IT, Project Managers and Business to deliver appropriate risk reduction activities within projects that are aligned to the business risk appetite and strategic direction
- Ensure strong governance of risks and issues throughout the project lifecycle in line with the Project methodology, in particular adherence to the requirements of the respective project stage gates
- Analyse all new products/services concepts and proposals in the Program, providing early advice to senior leaders on potential non-compliance to relevant Government and industry compliance requirements to influence design decisions
- Partner with project leaders to implement strategic and industry best practice solutions to mitigate risks
- Maintain a strong understanding of current industry directions and best practice relating to IT controls, Cloud and third party management, information security and data protection, risk management and regulatory compliance by attending industry forums, participating in Whole of Victorian Government forums, participating in communities of interest etc
Skills and experience
- Extensive experience in risk management in complex technology environments including, but not limited to, strategic adoption of cloud based solutions, Agile delivery, innovative solutions and transformational technology change
- Demonstrated ability to consult and influence senior executives across a multi-faceted workplace.
- Ability to engage and influence external providers to deliver services that meet the business strategic outcomes in a safe and secure manner
- Strong understanding of contemporary IT solutions and security treatments
- Excellent communication, organisational and activity management skills
- Demonstrated experience managing risk activities across the project life cycle
- Understanding of industry project delivery methodologies
- Knowledge of the Government and industry compliance landscape preferred
- Preference for CISSP, CISA certification and/or equivalent/similar industry certification/s
Apply now to secure an interview or contact Dylan Tasker on 9236 7753 for a confidential discussion.