Business Resilience and Cyber Response Manager page is loaded Business Resilience and Cyber Response Manager Apply locations Sydney CBD, NSW time type Full time posted on Posted 30+ Days Ago job requisition id R1776 Challenger Limited is an ASX-listed investment management firm managing $105 billion in assets (as at 30 June 2023). Life with us is fast moving and always exciting. Together we're driving to deliver our vision to provide our customers with financial security for a better retirement. We achieve this goal by providing a work environment where people from diverse backgrounds, with a range of skills and experiences can contribute and succeed. J oin us as our Business Resilience and Cyber Response Manager Are you ready to enhance our business resilience and cyber security incident response capabil ities?
Fantastic opportunity to join as our Business Resilience and Cyber Security response subject matter expert partnering with senior stakeholders across the organisation.
You'll o wn and manag e all Business R esilience activities and help coordinate our Cybersecurity response, ensuring plans are in place, fit for purpose and re gularly tested.
We work flexibly from our Sydney CBD Office where you can expect to work 3 days in the office and 2 days from home.
About the role Reporting directly to our CISO you will play a critical role in ensuring Challenger Group's operational resilience against unplanned disruptions and enhancing our cyber security response. You will s erve as the key liaison and business partner for business continuity , disaster recovery and crisis management, fostering strong relationships with internal and external stakeholders.
With a continuous improvement mindset, you will also have a focus on uplifting and improving business continuity and cyber security response capabilities across the group in line with industry standards as well as strengthening existing frameworks. You will also c ontribute to the implementation, enhancement, and maintenance of Challenger's Business Continuity policy, standards, and tools.
Other responsibilities will include (but aren't limited to)
Crisis Simulations Conduct annual crisis simulations with the Crisis Management Team (CMT), Leadership Team (LT), Board, and material service providers.
Disaster Recovery: Oversee regular testing of disaster recovery sites and backup scenarios for on-prem, hybrid, and cloud services.
Supporting business stakeholders with our preparation for the implementation of APRA's CPS230 Standard.
Ensuring alignment to the National Institute of Standards and Technology (NIST) cyber security framework , in partic ular, the 'respond and recover ' domains.
Business Resilience Framework: Ensure comprehensive cyber and business resilience plans are in place, periodically tested, and updated.
Enhance cyber playbooks, impact assessments, and disaster recovery processes to manage risk and comply with regulatory requirements.
Review and enhance the business resilience program from a strategic and risk-based perspective.
Execute a strategic uplift program to improve people engagement, testing approaches, tools, and processes.
Assist business owners and crisis management teams in keeping accurate and practical business continuity and disaster recovery documentation.
Manage annual tests and coordination activities with various business units.
Chair the Cybersecurity Incident Response Team (CIRT) and manage relevant simulations and exercises.
Training and Education Train staff and leaders on crisis management, business resilience, and cyber simulations.
Liaise with and educate wider business stakeholders to ensure proper representation and consideration of technology risk.
Compliance Ensure compliance with SPS232, CPS230, CPS234, GS007, and other regulatory requirements.
Manage regulatory obligations related to cyber resilience.
Risk Management: Address business resilience and cyber incidents promptly.
Report exceptions to the ERMC, GRC, and Board.
Liaise with internal and external audit functions and manage audit processes and remediation commitments.
The skills and experience you'll need We're looking for a dynamic and influential manager with s trong stakeholder management, influencing, and negotiating skills, with the ability to lead executive team members in crisis management exercises. This is a highly autonomous role, so you'll need to be p roactive in looking for and communicating opportunities to improve risk management outcomes.
Given the level of the role it s ' important that you come from a strong resilience / cyber risk management background, with at least 5+ years in business continuity and critical incident/disaster response planning . Financial Services experience will be highly regarded.
You'll also have
Strong understanding of business continuity, resilience management , incident and crisis management frameworks and practices
Crisis management planning and testing experience.
Experience in identifying , assessing, evaluating, and managing risks within a business environment (ideally cyber resilience)
Proven experience in conducting multidisciplinary crisis simulation workshops.
Technical Knowledge Further IS training or certifications, e.g. CISM, CISSP, Forensics
Understanding of CPS230 and CPS / SPS 232 and Service Provider Business Continuity
Working knowledge of IS control standards and frameworks, including ISO27001, NIST CSF, and audit report types such as SOC 1, SOC 2, ASAE3402, etc.
Knowledge of the corporate regulatory environment and governance principles.
ISO 22301 compliant BCP certification (preferrable)
Benefits At Challenger, we provide access to several exclusive employee benefits that will support you both personally and professionally. These include volunteer leave, education and learning benefits and flexible work arrangements for example.
Visit our benefits page for more information https://www.challenger.com.au/about-us/careers/our-benefits We value inclusion and diversity of thought, promote flexible working practices so our people can integrate their work and personal lives, and are proud to be a Workplace Gender Equality Agency (WGEA) Employer of Choice for Gender Equality.
We offer the opportunity for a broad career experience and value people who are inquisitive and rigorous and are driven to make a difference.
#LI-KM1
#LI-Challenger
#LI-Hybrid
We value inclusion and diversity of thought, promote flexible working practices so our people can integrate their work and personal lives, and are proud to be a Workplace Gender Equality Agency (WGEA) Employer of Choice for Gender Equality. We believe in bringing your authentic self and a belonging in our culture. We are prideful in participating in the Australian Workplace Equality Index (AWEI) as a national benchmark on LGBTQ+ workplace inclusion and best practice in Australia. We offer the opportunity for a broad career experience and value people who are inquisitive and rigorous and are driven to make a difference. Job type:
PermanentPosting Close Date :
08/06/2024 Similar Jobs (1) Analyst, Asset and Liability Management locations Sydney CBD, NSW time type Full time posted on Posted 17 Days Ago
#J-18808-Ljbffr
