Virtual Chief Information Security OfficerTo enable our client's success through agile, secure and efficient access to their systems wherever they are, all of the time.Data and analyticsFull-timeOffice | Sydney, NSW, AustraliaMid Level · A role for someone with some well-developed knowledge and skills they can bring to the role and team. Typically within 2-5 years of experience.Since 1998, blueAPACHE has been helping organisations access technology to their business advantage. We achieve this by providing IT management, IT strategy and converged IT services to clients across Australia, New Zealand, Asia and North America. blueAPACHE is renowned for helping organisations grow by removing the IT capital investment required to fund expansion. By delivering IT as a Service, blueAPACHE has revolutionised the way organisations access technology and communications with affordable solutions that provide true scalability, elasticity and agility.Our team of industry specialists work together to provide outstanding solutions to the complex technology problems. In addition to taking ownership of our clients' IT challenges, we also leverage technology to improve business performance, align strategy, and drive their business objectives.About the roleblueAPACHE is an Australian owned award-winning Managed Service Provider, recognised for the 5th year running, as Mid-Market Partner of the Year at the ARN Innovation Awards. We pride ourselves on being a genuinely great place to work, with a vibrant culture, clear vision, and strong leadership. When joining blueAPACHE, you are joining an organisation that is driven by our core values of employee and customer experience. We are proud to be an equal opportunity employer and are committed to building a diverse and inclusive workplace where we embrace our individual talents, and our differences. Due to exciting growth plans, we are looking for an experienced Virtual Chief Information Security Officer to join our Cyber Security Practice.Reporting into the GRC Practice Lead, you will be responsible for helping develop and implement the information security governance strategy and policies to safeguard BlueAPACHE's subscribed customer's digital assets and ensure compliance with regulatory requirements. This role will be based in Sydney.ResponsibilitiesProvide consulting services to clients in the areas of governance, risk, and compliance.Assist clients in developing and implementing risk management strategies.Conduct risk assessments and gap analyses to identify potential vulnerabilities and recommend preventive measures.Develop policies and procedures to ensure compliance with regulatory requirements.Support assigned client outcome focused, Account Directors, Service Delivery Managers, Portfolio Engineers with risk / gap mitigation services and solutions.Collaborate with cross-functional teams to implement and maintain GRC frameworks and tools.Provide training and education to clients on GRC topics.Stay up-to-date with industry trends and best practices in GRC.Work with various teams within customer organizations to develop plans to improve compliance with cybersecurity policies and standards and provide input to drive targeted maturity levels.Develop and implement risk mitigation strategies and controls.Monitor emerging threats and industry trends to adapt security advisory measures accordingly.Advise on incident response best practice, including containment, investigation, and recovery efforts.Support customers to define and maintain their organization's best practices security architecture, including network security, endpoint security, cloud security, Identity Access Management and related vectors.Promote importance of user awareness and data handling behavior through best practices and policies.Assess and manage security risks associated with third-party vendors and service providers for clients.RequirementsPrior experience as a vCISO or similar role.Knowledge of governance, risk, and compliance frameworks and methodologies.Strong analytical and problem-solving skills.Excellent communication and stakeholder management abilities.Bachelor's or higher degree in Computer Science, Information Security, or a related field.Industry Certifications in GRC such as CRISC, CISA, CISM, or CISSP are highly desired.Vendor certifications preferred.Experience in the IT industry or IT-related projects is a plus.Ability to work independently and as part of a team.Willingness to travel to client sites as required.Proven experience in a GRC consulting and delivery role within information security, preferably as a Security advisor / vCISO or similar position.Deep understanding of information security principles, standards, and best practices.Experience managing or supporting security incidents.Please note, all offers of employment at blueAPACHE are subject to Police Clearance Checks.
#J-18808-Ljbffr