Position: IT Cyber Security LeadAt Costa Group, we believe in cultivating not only the finest produce but also the finest talent. We're committed to creating a work environment where our employees can thrive, grow, and be recognized for their contributions.Why Costa Group?When you join our team, you can look forward to a range of competitive benefits designed to support both your professional and personal well-being:What We Offer:Competitive Salary – Be rewarded for your hard work with a salary that reflects your talent and dedication.Reward & Recognition – Your contributions will be recognized and celebrated, because we value your efforts.Employee Discounts – Enjoy exclusive discounts on a range of products and services.Novated Lease Program – Save on vehicle costs with our novated lease options.Employee Banking Solutions – Access exclusive banking offers designed to support your financial well-being.Employee Assistance Program (EAP) – We're here to support you and your family with professional advice and well-being resources.Paid Parental Leave for both parents – Take the time you need to welcome a new addition to your family with full support.Flexible Work Arrangements – Balance your career and personal life with flexibility that suits your lifestyle.Primary Purpose of the RoleThe IT Cyber Security Lead is responsible for protecting Costa's computers, networks, information, and devices from malicious activity. This role will report into the Group Operations Manager and work closely with the Head of IT and other key stakeholders to identify and mitigate cyber risks, develop/maintain security policies and procedures, manage security incidents, implement/maintain cyber training and increase awareness.The position will be required to ensure all technology projects and changes consider and design in compliance and security as core deliverables.The Cyber Security Lead is responsible for defining, managing, and delivering a security program and capabilities that ensure proper protection of Costa information assets.Key AccountabilitiesThe IT Cyber Security Lead is responsible for the following:Technical ResponsibilitiesProactively monitor the environment to detect and implement steps to mitigate cyber-attacks before they occur.Monitor, investigate and respond to security incidents, including malware and phishing attacks, data breaches, and cyber-espionage.Monitor network traffic for signs of suspicious activity and take action as necessary.Engage with our security partners to deliver annual penetration testing and vulnerability scanning to assess the effectiveness of our security controls.Develop and implement security awareness and training programs for employees, contractors, and partners.Review current Network infrastructure and architecture of Costa and ensure that security is considered and implemented both in design and operation of the network and infrastructure.Manage the deployment, monitoring, maintenance, and upgrade of security technologies such as intrusion detection/prevention systems and antivirus software.Ensure Costa Patch Management is adequate and suitable to protect our information asset.Leadership and GovernanceLead and participate with Costa's security Governance committee to ensure that IT Risk Register is current, up to date and all IT risks are managed in accordance with Costa's risk management framework.Develop and implement security policies, procedures and protocols to safeguard our organisation's networks and systems.Ensure compliance with relevant data protection and privacy laws and regulations.Oversee and maintain Costa's Cyber Security Framework.Maintain and enhance a comprehensive cybersecurity program that supports the Cyber Security Framework, aligns with industry best practices and regulatory requirements.Lead incident response activities to mitigate security breaches or incidents and conduct forensic analysis to determine the root cause of security incidents.Collaborate with business units to identify and manage risks associated with existing/new technologies, business processes, or products.Lead compliance efforts to ensure compliance with regulatory requirements such as ACSC Essential 8.Report regularly on the status of cybersecurity, potential risks, and emerging threats.Work closely with our Security Partners to respond, assess, and investigate security events, perform in-depth analysis and assess vulnerabilities, cyber security intelligence, and open-source information to validate security risk and impact to Costa's, recommending appropriate countermeasures.Develop and maintain cyber incident response and handling playbooks for various threat scenarios.Participate in the development and implementation of IT disaster recovery and IT business continuity plans.Work in a fast-paced environment and maintain production of quality work within tight timeframes, occasionally with conflicting priorities.Take an active approach to IT Security and Governance.Develop a Cyber Security Framework and program of work in a volatile and ever-changing digital landscape.Build strong working relationships with other senior leaders.The role operates with a significant level of autonomy and is accountable for the delivery of initiatives and activities on time, within budget and to meet expectations in terms of quality, deliverables, and outcomes.Ensure strong stakeholder engagement internally and externally to ensure offerings are clear, aligned to business needs, and capable of delivering service excellence to its customers.Selection CriteriaA degree in Computer Science, Information Technology, Cyber Security or a related field.Minimum of 3 years of experience in a similar role.Strong knowledge of Network and security fundamentals.Strong knowledge in Microsoft environment.Strong knowledge of cyber security principles, best practices, and regulatory requirements.Experience developing cyber strategy and implementing cyber security programs.Excellent strategic, conceptual, analytical, and lateral thinking skills and demonstrated expertise in positively leading and influencing organisational change programs and projects particularly those related to cyber security.Possess a positive attitude with drive, initiative, enthusiasm, and a keen sense of urgency in resolving high-priority issues.Able to work independently and in a team-oriented, collaborative environment.Experience in managing vendor relationships and ensuring the delivery of high-quality security services.Experience managing security incidents and conducting forensic analysis.Some experience in Cyber Security Framework and best practices.Strong project management skills and experience.Excellent verbal and written communication skills, and the ability to communicate complex technical information to a diverse range of stakeholders.Experience with security tools such as firewalls, intrusion detection systems, and security information and event management (SIEM) solutions.Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC) are preferred.Personal AttributesStrong analytical and problem-solving skills, with the ability to think creatively and outside the box.Excellent attention to detail, with the ability to spot even the smallest anomalies or irregularities.Strong communication skills, with the ability to explain technical concepts to non-technical stakeholders.A passion for cyber security and a commitment to staying up-to-date with the latest developments and trends.
#J-18808-Ljbffr
