Virtual Chief Information Security OfficerblueAPACHE is an Australian owned award-winning Managed Service Provider, recognised for the 5th year running, as Mid-Market Partner of the Year at the ARN Innovation Awards.We pride ourselves on being a genuinely great place to work, with a vibrant culture, clear vision, and strong leadership. When joining blueAPACHE, you are joining an organisation that is driven by our core values of employee and customer experience. We are proud to be an equal opportunity employer and are committed to building a diverse and inclusive workplace where we embrace our individual talents, and our differences.Due to exciting growth plans, we are looking for an experienced Virtual Chief Information Security Officer to join our Cyber Security Practice.Reporting into the GRC Practice Lead, you will be responsible for helping develop and implement the information security governance strategy and policies to safeguard BlueAPACHE's subscribed customer's digital assets and ensure compliance with regulatory requirements.This role will be based in Sydney.ResponsibilitiesProvide consulting services to clients in the areas of governance, risk, and compliance.Assist clients in developing and implementing risk management strategies.Conduct risk assessments and gap analyses to identify potential vulnerabilities and recommend preventive measures.Develop policies and procedures to ensure compliance with regulatory requirements.Support assigned client outcome focused, Account Directors, Service Delivery Managers, Portfolio Engineers with risk / gap mitigation services and solutions.Collaborate with cross-functional teams to implement and maintain GRC frameworks and tools.Provide training and education to clients on GRC topics.Stay up-to-date with industry trends and best practices in GRC.Work with various teams within customer organizations to develop plans to improve compliance with cybersecurity policies and standards and provide input to drive targeted maturity levels.Develop and implement risk mitigation strategies and controls.Monitor emerging threats and industry trends to adapt security advisory measures accordingly.Advise on incident response best practice, including containment, investigation, and recovery efforts.Support customers to define and maintain their organization's best practices security architecture, including network security, endpoint security, cloud security, Identity Access Management and related vectors.Promote importance of user awareness and data handling behavior through best practices and policies.Assess and manage security risks associated with third-party vendors and service providers for clients.RequirementsPrior experience as a vCISO or similar role.Knowledge of governance, risk, and compliance frameworks and methodologies.Strong analytical and problem-solving skills.Excellent communication and stakeholder management abilities.Bachelor's or higher degree in Computer Science, Information Security, or a related field.Industry Certifications in GRC such as CRISC, CISA, CISM, or CISSP are highly desired.Experience in the IT industry or IT-related projects is a plus.Ability to work independently and as part of a team.Willingness to travel to client sites as required.Proven experience in a GRC consulting and delivery role within information security, preferably as a Security advisor / vCISO or similar position.Deep understanding of information security principles, standards, and best practices.Experience managing or supporting security incidents.Please note, all offers of employment at blueAPACHE are subject to Police Clearance Checks.
#J-18808-Ljbffr