Mirvac's people are our most valuable asset. We are proud to have built a culture of inclusivity, innovation and collaboration, becoming a place where people genuinely want to work. We also offer a number of competitive and unique benefits for permanent employees including:
Flexible Work Arrangements $1000 of Mirvac Securities Annually Leadership and Professional Development Programs Generous Parental & Partner Leave Policy Unlimited Volunteer Leave and National Community Day Mirvac Pride Committee Mirvac is an Australian property group with a clearly defined purpose to 'reimagine urban life'. For over 50 years, we've dedicated ourselves to shaping Australia's urban landscape. Our evolution has been significant, growing from a small joint venture to a thriving ASX-listed property group that leads the way in sustainability, innovation, safety and placemaking. Our opportunity As Manager, Cybersecurity Governance Compliance , you will be responsible for overseeing the governance of cybersecurity at Mirvac and ensuring compliance with all regulatory and organisational requirements. This role involves developing and maintaining cybersecurity frameworks, managing identity and access governance, ensuring cybersecurity in the supply chain, fostering a security culture, and supporting compliance and audit activities. In this role you will be responsible for: Cyber Security and Digital Strategy - Collaborate with the CISO and digital teams to deliver comprehensive cybersecurity and digital strategies. Align cybersecurity initiatives with business goals and objectives. Cybersecurity Framework - Develop, implement, and maintain the Information Security Management System (ISMS), including policies, standards, and procedures. Ensure that business and technology processes adhere to established controls and compliance requirements. Identity Governance and Access - Own and manage the identity and privileged access governance frameworks. Work with stakeholders to ensure effective controls are in place, and oversee the User Access Review process. Supply Chain Cybersecurity - Manage cybersecurity risks within the supply chain ecosystem. Identify third parties holding sensitive data or critical to business operations and ensure appropriate controls are in place. Conduct due diligence and reverse due diligence for third-party relationships. Culture and Outreach / Awareness Training and Education - Foster a strong security culture across the organisation. Develop, maintain, communicate, and deliver the cybersecurity awareness and training strategy for all employees. Reporting - Assist the CISO with board, operational, and external reporting on cybersecurity matters. Compliance Activities - Identify and manage compliance obligations impacting technology, including GS007. Ensure compliance is integrated into projects and business-as-usual (BAU) activities. Cyber and Technology Risk Management - Identify and oversee technology and cyber risks at a strategic level. Implement risk management strategies to mitigate identified risks. Audit Management and Evidence - Maintain and facilitate the remediation of audit findings from external auditors (e.g., PwC). Ensure timely and effective responses to audit requests and findings. Your point of difference To be successful, you will have prior Cyber Governance, Risk and Compliance (GRC) experience. Relevant certifications such as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or Certified Information Systems Security Professional (CISSP) are highly desirable. You have experience with identity and access management (IAM) frameworks and tools, and the ability to manage cybersecurity risks in the supply chain. You will have experience in compliance management and familiarity with regulatory requirements affecting technology, and strong understanding of cybersecurity frameworks, standards, and best practices are a must. All of these attributes are preferred, if you think you may be the right fit for the role please still apply.#J-18808-Ljbffr
