Cyber GRC & Awareness Lead
at Origin Energy
Greater Adelaide, South Australia, Australia -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 06 Aug, 2024 | Not Specified | 07 May, 2024 | N/A | Good communication skills | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
- Flexible work arrangement - Hybrid
- Awarded Best place to work for women in Security 2022.
- Brisbane, Sydney, Melbourne or Adelaide based
DELIVERING GOOD ENERGY STARTS FROM WITHIN
It’s an exciting time to join Origin. Creating a great place to work means together we’re progressing our ambition to lead the energy transition through cleaner energy and customer solutions. We’re always looking for better ways to deliver for our customers – and for our people.
Responsibilities:
ABOUT THE ROLE:
This role is responsible for the management of Cyber Risk Management and Security awareness programs across Origin. This includes working with technology and business units to identify and assess cyber security risks, report on these risk trends and management, plan and lead control assurance activities.
WHY THIS ROLE MATTERS
- Implement cyber security risk governance activities across Origin in line with Origin’s risk appetite. The purpose of this activity to is to ensure appropriate identification, assessment, reporting and governance of security risks and controls to management. This includes providing adequate and timely reporting of risks and status to stakeholders and various risk committees.
- Develop and execute 2nd line assurance activities over cyber security controls.
- Develop the overall security awareness plan based on key cyber threats and risks, and coordinates the required activities with the relevant contributors and stakeholders.
- Ownership and continuous improvement of internal processes and business decisions by performing cyber risk identification, analysis, and assessment in a pragmatic manner.
- Facilitate risk workshops with Business and Technology stakeholders to identify and document detailed security risk assessments.
- Identify and manage the legal or regulatory cyber related requirements that may impact Origin (e.g SOCI) and prioritise with the relevant stakeholders for action.
- Coordinate AES-CSF compliance attestation.
- Translate technical risks, vulnerabilities, and deficiencies in business appropriate language for consumption by business stakeholders and communicate recommendations to senior stakeholders.
- Schedule, plan and execute second line risk and control assurance programs over the design and effectiveness of key cyber controls.
- Maintain security key controls library.
- Regular reporting to management on cyber security risks and issues.
REQUIREMENT SUMMARY
Min:N/AMax:5.0 year(s)
Financial Services
IT Software - Network Administration / Security
Finance
Graduate
Architecture, Engineering, architecture, IT, Design
Proficient
1
Greater Adelaide SA, Australia