Job Summary: 

• Perform security assessments for new projects to measure and evidence compliance with policy requirements
• Working with senior stakeholders, SMEs and project management to ensure security requirements are understood and implemented as part of the project lifecycle
• Staying with the project through the cycle (from inception to product implementation) and validating the implementation
• Research and understand new technologies and concepts to provide accurate and up-to-date security guidance for projects in line with policy requirements 
• Perform periodic security assessment for existing environments, including applications, systems/servers, network infrastructure, database and other technologies and processes
• Perform deep dive security assessments for existing applications, technology or processes
• Develop an ongoing partnership with the business (vs. one-time guidance)
• Build environments and technologies are deployed securely to mitigate risks
• Work with businesses and technology teams to capture non-compliance with policy, ensuring justification, and that mitigating controls are appropriately captured
• Work with the program specialist team to develop and deploy a process to perform assessments and deliver formal assessment reports to the business
• Working with the businesses to formally capture gaps and remedial actions within the GRC system
• Develop KPI and prepare reporting metrics for the InfoSec consulting function and progress on enhancements initiatives
• Escalate risks and details to business partners and Regional Information Security Officers (RISOs) as they appear
• Perform pre- and post-acquisition assessments, develop formal reports
• Identify information security deficiencies or risks to appropriate parties
• Identify and work with the relevant business units to implement process improvements

Skills on Resume: 

• Security Assessment (Hard Skills)
• Stakeholder Engagement (Soft Skills)
• Project Lifecycle (Hard Skills)
• Technology Research (Hard Skills)
• Risk Mitigation (Hard Skills)
• Policy Compliance (Hard Skills)
• Reporting Metrics (Hard Skills)
• Process Improvement (Soft Skills)

Job Summary: 

• Reviewing projects to ensure that Information Security policies and controls are applied, new risks are addressed and the security architecture
• Ensuring that appropriate testing is undertaken to validate the effectiveness of Information security controls
• Managing the delivery of Security Improvement Projects so that expected outcomes are delivered
• Contributing to the effective management of and resolution of Information Security incidents or data breaches
• Planning, organizing and delivering technical assessments (Pentests, web/mobile applications, internal and external network assessments) across many disciplines
• Planning, organizing and delivering red teaming assessments by simulating APTs’ TTPs for customers based in Switzerland and abroad
• Utilise well-known existing or create new offensive security attacker tooling, scripts and methodologies for use within engagements or research
• Produce comprehensive, accurate, tailored reports to clients with industry best practice remediation strategies for both technical and executive audiences
• Define and perform interesting security research that will benefit the information security community and customers at large
• Maintain an up-to-date knowledge of Information Security trends and threats
• Define and develop Security Use Cases to threat models using SIEM technologies
• Complex correlation rules and various forms of visualisations
• Provide input into defining and continually improving the architecture and design of Westpac’s detection and response capabilities such as SIEM, log management, and SOC operations
• Integrate dynamic and static data feeds such as network device, operating system, middleware, database and application logs, and contextual data such as STIX/TAXI compliant intelligence sources, enterprise network and asset information

Skills on Resume: 

• Security Architecture (Hard Skills)
• Control Validation (Hard Skills)
• Project Delivery (Soft Skills)
• Incident Management (Soft Skills)
• Technical Assessment (Hard Skills)
• Red Teaming (Hard Skills)
• Security Reporting (Hard Skills)
• Threat Intelligence (Hard Skills)

Job Summary: 

• Process, collate and exploit data, taking into account its relevance and reliability to develop and maintain situational awareness
• Define and implement processes to verify ongoing security, legal and regulatory requirements
• Monitor network and system activity to identify potential threats or other suspicious behaviour, using security analytics to detect potential breaches or identify warnings and escalate
• Identifies and implements new management controls to reflect changes in factors such as Threat levels and legislation
• Manage the implementation of Information Security programmes, and lead security activities across the organisation including vulnerability management process
• Lead on managing and investigating Information Security incidents
• Ensure that the Information Security incident management processes are aligned with business continuity processes, advising on corporate responses
• Support the CTU Manager in developing and delivering information security reporting processes and formats and information security strategy
• Responsible for the production of management information, metrics and trends for Information Security
• Assist the CTU Manager in developing others through coaching and mentoring
• Produce warning material in a manner that is both timely and intelligible to the target audience

Skills on Resume: 

• Information Analysis (Hard Skills)
• Threat Monitoring (Hard Skills)
• Security Analytics (Hard Skills)
• Incident Management (Hard Skills)
• Legal Compliance (Hard Skills)
• Situational Awareness (Soft Skills)
• Team Leadership (Soft Skills)
• Mentoring (Soft Skills)

Job Summary: 

• Building requirements for the individual artifacts and program to align with the Audit feedback
• Provides advice to client management about moderately complex security issues
• Assists in the review, development, testing and implementation of security plans, products and control techniques
• Coordinates the reporting of data security incidents
• Provides technical support to the client and management and staff in risk assessments and implementation of appropriate data security procedures and products
• Monitors existing and proposed security standard-setting groups
• Identifies and escalates changes that will affect information security policy, standards and procedures
• Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs
• Researchers attempted to compromise security protocols
• Administers security policies to control access to systems and maintains the company's firewall
• Works on complex problems where analysis of situations or data requires an in-depth evaluation of various factors
• Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criteria for obtaining results
• Work leadership may be provided by assigning work and resolving problems

Skills on Resume: 

• Security Auditing (Hard Skills)
• Risk Assessment (Hard Skills)
• Firewall Management (Hard Skills)
• Incident Reporting (Hard Skills)
• Policy Development (Hard Skills)
• Threat Research (Hard Skills)
• Problem Solving (Soft Skills)
• Team Leadership (Soft Skills)

Job Summary: 

• Analyze system architectures to design appropriate security requirements that enforce Information Security policies and standards
• Identify and communicate current and emerging security threats to the business and across security domains
• Create solutions that balance business requirements with information and cybersecurity requirements
• Collaborate with business units, application teams, architectural teams, and third-party vendors to provide guidance on security controls for managing risk for TFS
• Perform risk assessments of information systems and infrastructure
• Develop appropriate risk treatment and mitigation options, and effectively articulate findings and recommendations to IT project teams and management
• Design security architecture elements to mitigate threats as they emerge
• Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
• Maintain highly developed knowledge of security best practices and technologies
• Aid strategic leaders across the business in designing their product roadmaps
• Communicate technical topics to diverse audiences including technology teams, leaders, and business users without a technical background
• Manage multiple simultaneous fast-paced projects covering diverse business initiatives 
• Work on multiple projects and tasks concurrently
• Understand the role of the security department and how it contributes to the overall goals and business strategy of the Company
• Align standards, frameworks, and security with the overall business and technology strategy
• Create baseline architecture standards for security controls for cloud and data center-hosted solutions

Skills on Resume: 

• Security Architecture (Hard Skills)
• Risk Assessment (Hard Skills)
• Threat Analysis (Hard Skills)
• Control Design (Hard Skills)
• Strategic Alignment (Soft Skills)
• Cross-Functional Collaboration (Soft Skills)
• Technical Communication (Soft Skills)
• Project Management (Soft Skills)

Job Summary: 

• Identifying and implementing detections within the SIEM platform (Splunk ES) to ensure high-fidelity alerts to the SOC
• Assisting with configuration and maintenance of the new SOAR platform (XSOAR), with a focus on creation of automation playbooks and processes
• Working collaboratively across several capabilities with a focus on security tool engineering, detection enhancements, and process improvements
• Collaborating with teams across the Information Security Group to onboard and uplift security capabilities
• Actively contributing to the continuous improvement of incident response playbooks and other supporting documentation
• Build and own the end-to-end process for M&A activity from strategy through negotiation to implementation on behalf of TalkTalk’s security function
• Review the security maturity of strategic M&A opportunities
• Lead M&A due diligence activities for the security team, working closely with the business and commercial teams
• Identify security risks and provide security guidance, costs and remediation activities as part of security risk mitigation planning
• Perform gap analysis of security controls against TalkTalk's security policy, standards and blueprints and provide recommendations to align approaches
• Provide regular security updates to the Security Leadership Team and senior business stakeholders
• Manage a security risk register for each strategic opportunity

Skills on Resume: 

• SIEM Engineering (Hard Skills)
• SOAR Automation (Hard Skills)
• Detection Development (Hard Skills)
• Security Assessments (Hard Skills)
• Risk Mitigation (Hard Skills)
• Cross-Team Collaboration (Soft Skills)
• M&A Leadership (Soft Skills)
• Stakeholder Communication (Soft Skills)

Job Summary: 

• Liaise effectively with Westpac’s business partners and third-party service providers
• Ensure that Westpac continues to be protected against current and emerging threats
• Review the suitability of the security product against business needs and implement it into existing environments without interruption to service
• Identify and advise on requirements for business processes, applications, and products
• Ensure that Westpac continues to be protected against current and emerging threats
• Provide input into the response by partners to any published Urgent Security Memos
• Maintain an up-to-date knowledge of Information Security trends and threats
• Provide input into the development of information security strategies
• Providing analytics, research advice and on technical issues
• Ensure the long-term benefit of shareholders, customers, employees, and community stakeholders

Skills on Resume: 

• Vendor Management (Soft Skills)
• Threat Monitoring (Hard Skills)
• Product Integration (Hard Skills)
• Business Analysis (Hard Skills)
• Security Advisory (Soft Skills)
• Trend Awareness (Hard Skills)
• Strategy Input (Soft Skills)
• Technical Research (Hard Skills)

Job Summary: 

• Working as an SME on a variety of different projects across the organisation, ranging from large acquisitions through to initiatives that touch technology, people and processes
• Serve as a security expert on change programmes, providing guidance and support to enable change delivery teams to comply with enterprise and technology security policies, industry regulations and best practices
• Support deliveries with robust risk assessment/mitigation
• Ensure that they align to the appropriate technology change framework and that solutions meet the relevant operating principles, to protect the Business, whilst continuing to deliver change
• Identify appropriate security requirements through a deep understanding of the business requirements and security control environment for each phase of a project or change initiative
• Undertake technology evaluations and provide recommendations for the security aspects of new applications
• Working with the IT solutions team to detail the security design into project templates
• For the global and local delivery teams - ensure all stakeholders are aware that global and local requirements are met, with the skillset to influence change at all levels
• Conduct risk analysis and contribute to the prioritisation of information security initiatives based on risk and business need
• Weigh business needs and security concerns, make recommendations and clearly articulate options (including benefits and risks) to business partners, decision makers and key stakeholders
• Communicate known security risks and solutions to mitigate risks to business and technology partners
• Assist with the investigation and operational support of the information security incident management processes
• Ensure solutions are fully integrated into business-as-usual activities
• Ensure regional KPI’s and KRI are defined and delivered
• Maintain current expertise in information security technology, methodology, tools, threats/vulnerabilities, news and regulatory changes, emerging security trends, issues and threats
• Work with Project Management to ensure that projects have met all Security / Production acceptance criteria before design and implementation into production
• Provide leadership within a framework of prudent and effective controls that enable risk to be assessed and managed to fit within the Organization’s agreed risk appetite

Skills on Resume: 

• Security Consulting (Hard Skills)
• Risk Mitigation (Hard Skills)
• Project Alignment (Soft Skills)
• Control Design (Hard Skills)
• Stakeholder Influence (Soft Skills)
• Threat Communication (Soft Skills)
• Incident Support (Hard Skills)
• Trend Monitoring (Hard Skills)

Job Summary: 

• Provide operational support on the customer IAM/SSO platform, mainly on PingID and Okta
• Integrate new applications with the existing SSO platform, troubleshoot user authentication/authorization issues
• Work with vendors/partners to integrate third-party IdP solutions with the customer IAM/SSO platform
• Work with the project team to migrate applications and users from PingID to Okta
• Collaborate with business teams to design and implement user lifecycle management across various applications
• Provide specialist expertise, advice, oversight and reporting for all areas of Information Security and cyber risk in the Group, including overseeing the investigation of significant risk incidents to identify root causes
• Support the completion of specialist risk assessments and thematic reviews, identifying root causes, and developing appropriate action plans to address
• Operate the Information Security Risk Framework to drive compliance with regulatory requirements, to drive the identification, reporting and management of information security risks across the Group
• Ensure that information security and cyber controls operate effectively, recommend and implement design improvements and enhancements
• Ensure that relevant legislative and regulatory change impacting the Group across information security and cyber risk management is understood and embedded, build capability through workshops and thought leadership
• Collaborate with the Data Protection/ Privacy team to ensure the provision of effective due diligence and assurance over 3rd parties

Skills on Resume: 

• IAM Support (Hard Skills)
• SSO Integration (Hard Skills)
• User Migration (Hard Skills)
• Lifecycle Design (Hard Skills)
• Risk Oversight (Hard Skills)
• Control Enhancement (Hard Skills)
• Regulatory Compliance (Soft Skills)
• Cross-Team Collaboration (Soft Skills)

Job Summary: 

• Determine the security maturity level of a client and guide the client in the elaboration of a short/longer term planning evolving to a higher CMMI level
• Providing support to a CISO (Corporate Information Security Officer) or taking on the role of Information Security Officer yourself
• Taking the lead in or giving advice when setting up an ISMS (Information Security Management System)
• Mapping the risks associated with the processing of personal data
• Supporting activities to prepare for an ISMA certification
• Guide building and/or maturing information security programs and the implementation of tools and technologies used for enterprise security
• Evaluate client needs, coordinate design for a solution, and clearly communicate the value proposition of complex and highly technical subjects
• Implement and/or assess existing security controls
• Provide knowledge of tools and technologies used for enterprise security
• Interface with clients to address concerns, issues or escalations
• Track and drive to closure any issues that impact the service and its value to clients

Skills on Resume: 

• Maturity Assessment (Hard Skills)
• ISMS Setup (Hard Skills)
• Risk Mapping (Hard Skills)
• Security Programs (Hard Skills)
• Client Advisory (Soft Skills)
• Tool Implementation (Hard Skills)
• Issue Resolution (Soft Skills)
• Value Communication (Soft Skills)

Job Summary: 

• Assist with security incident management and response activities
• Perform daily, weekly, and monthly security checks, reconciliation and compliance checks and investigate exceptions
• Completing client security requirement questionnaires and supporting the bidding process
• Identify and raise awareness of security risks
• Continually support the wider IT team to provide and share technical knowledge and security best practices
• Develop and enhance security policies, processes, procedures, and technical controls to strengthen the company's security capabilities and resilience to cyber threats
• Participate in the design and implementation of systems and applications, and develop user and technical training guides
• Maintain and manage the IT Risk, regularly review, correctly identify, assess, report, and mitigate in line with recommended best practices
• Test DR plans and capabilities, drive continual development and enhancement
• Risk reviews, technology audits or other similar work

Skills on Resume: 

• Incident Response (Hard Skills)
• Compliance Checks (Hard Skills)
• Risk Awareness (Soft Skills)
• Policy Development (Hard Skills)
• Team Support (Soft Skills)
• System Design (Hard Skills)
• IT Risk Management (Hard Skills)
• DR Testing (Hard Skills)

Job Summary: 

• Work with various stakeholders to assist them in understanding the severity of the security risks and the remediation activities that could follow
• Provide advisory and consultancy on information security for changes and new initiatives
• Liaise with internal and external stakeholders to understand information security issues and risks
• Maintain knowledge of emerging trends (including threats) and best practices within information security, sharing this knowledge with technology and business unit stakeholders
• Delivering sound and timely information security design advice
• Recommending technological or procedural solutions to meet security control intent in support of projects
• Lead the implementation and maintenance of certification to information security standards
• Manage the third-party security risk assessment process
• Consult clients on achieving their security and compliance goals
• Conduct assessments of existing IT architecture for compliance with security requirements from one or more security frameworks
• Author IT security policies, whitepapers, and documentation to support information system authorization and accreditation packages
• Provide technical IT architectural security guidance for operational systems and systems under development
• Evaluate risks associated with systems or planned changes and recommend mitigation strategies

Skills on Resume: 

• Risk Communication (Soft Skills)
• Security Consulting (Soft Skills)
• Trend Monitoring (Hard Skills)
• Control Design (Hard Skills)
• Standards Management (Hard Skills)
• Third-Party Assessment (Hard Skills)
• Policy Writing (Hard Skills)
• Architecture Guidance (Hard Skills)

Job Summary: 

• Provide consultancy to major projects and services on effective mitigation of risks, and controls implementation
• Assist with complex projects to identify business and technical security requirements, design security controls and test their effectiveness
• Apply and support IT security, risk and compliance technologies
• Carry out control assurance for IT Service providers
• Provide regional support and coordination for audit and other assurance processes
• Compile Regional Management Information reports regularly
• Contribute to IT Security/IT risk frameworks that serve as a basis for regulatory compliance, internal control processes and management of IT Security and IT risk
• Initiate and maintain IT Security and IT risk management procedures
• Ensure compliance with IT-related policies and regulatory requirements
• Develop a plan to remediate compliance gaps
• Facilitate and take part in regular global IT Security and IT risk/control assessment initiatives
• Support security event monitoring and incident response processes
• Work with the adoption of new Digital technologies and platforms

Skills on Resume: 

• Risk Mitigation (Hard Skills)
• Control Design (Hard Skills)
• Compliance Support (Hard Skills)
• Assurance Testing (Hard Skills)
• Audit Coordination (Soft Skills)
• Risk Frameworks (Hard Skills)
• Incident Response (Hard Skills)
• Digital Adoption (Soft Skills)

Job Summary: 

• Analyzing existing security posture to identify existing gaps while providing solutions to meet current business needs
• Administering compliance audits and reviewing the whole process for certifications like ISO 27001, HIPAA, and SOC2
• Developing and implementing organization-wide Cyber and Information Security Policies, Frameworks, and tools across the group
• Establishing necessary security controls to safeguard against potential attacks on the organizational systems
• Providing training to users and internal employees to ensure best practices on IT and Cybersecurity obligations
• Driving end-to-end security projects while collaborating with cross-functional business units
• Facilitating security compliance and audit activities to ensure organizational compliance with security needs
• Develops Vendor Risk Management policies and supports the client’s risk profile assessment for vendor onboarding process and conducts an annual review of critical vendors
• Maintaining the security, confidentiality, integrity, availability and accountability of systems
• Ensuring the compliance of information systems with legislation, regulations and relevant standards
• Working closely with a range of stakeholders to enable the balance between the business and security requirements

Skills on Resume: 

• Gap Analysis (Hard Skills)
• Compliance Audits (Hard Skills)
• Policy Development (Hard Skills)
• Security Controls (Hard Skills)
• User Training (Soft Skills)
• Project Leadership (Soft Skills)
• Vendor Assessment (Hard Skills)
• Stakeholder Alignment (Soft Skills)

Job Summary: 

• Be part of the Delivery Services team of the Information Security Department of Netcompany-Intrasoft
• Support information security activities within the context of projects of the European Commission, the Public or Private Sector
• Manage tactical and operational activities of projects related to Information Security Governance and its related security risks
• Develop any requested security-related artifacts, including security plans, policies, procedures, risk assessments, business continuity plans etc.
• Provide input for Information Security Consulting Services for European Commission Agencies as well as the Public and Private Sectors
• Provide information security expertise to presales, business analysts, development teams, IT Engineers and Architects
• Support corporate Information Security Management System activities and promote the corporate Information Security policies and good practices
• Review and update information security standards and best practices from the business, project management, and technical perspectives
• Customize presales supportive material regarding Information Security and Security Assurance services to presales teams
• Collaborate with Bid stakeholders and contribute to the sales cycle

Skills on Resume: 

• Security Governance (Hard Skills)
• Risk Management (Hard Skills)
• Policy Development (Hard Skills)
• BCP Planning (Hard Skills)
• Security Consulting (Soft Skills)
• Presales Support (Soft Skills)
• Standards Review (Hard Skills)
• Bid Collaboration (Soft Skills)

Job Summary: 

• Evaluate and review the effectiveness of information security policies, procedures, standards, guidelines, and processes
• Conduct a continuous assessment of current IT security practices and systems status and identify areas for improvement
• Develop and improve strategic organization-wide information security and risk management plans
• Ensure ongoing compliance with legal and regulatory requirements of cyber and information security
• Raise information security awareness among management, employees, contractors, and other stakeholders
• Provide the workforce with role-based information security training
• Evaluate the effectiveness of training and awareness programs
• Ensure implementation of the Security Steering Committee's decisions
• Ensure contractors/suppliers' compliance with information security

Skills on Resume: 

• Policy Evaluation (Hard Skills)
• Security Assessment (Hard Skills)
• Risk Planning (Hard Skills)
• Regulatory Compliance (Hard Skills)
• Awareness Training (Soft Skills)
• Program Evaluation (Hard Skills)
• Decision Execution (Soft Skills)
• Vendor Compliance (Hard Skills)

Job Summary: 

• Define the prerequisites of application security assessments (e.g., Penetration test)
• Define the scope of assessments and improve the correctness of the assessment scopes
• Work with the assessors and understand what assessing items need to be done
• Justify and counterpropose risk ratings of the findings
• Verify remediations done by IT teams to minimize the number of application assessments (e.g., Penetration test) retests
• Provide application security training sessions to IT teams
• Provide sharing sessions of the assessment technique to the supporting team
• Provide reports of overall assessment (e.g., Penetration test) and findings in a holistic view
• Suggest an improvement plan for the existing practice of assessments
• Provide progress of the improvement plan

Skills on Resume: 

• Scope Definition (Hard Skills)
• Risk Justification (Hard Skills)
• Remediation Review (Hard Skills)
• Security Training (Soft Skills)
• Knowledge Sharing (Soft Skills)
• Assessment Reporting (Hard Skills)
• Practice Improvement (Hard Skills)
• Progress Tracking (Soft Skills)

Job Summary: 

• PCI DSS gap analyses and workshops
• Assistance in implementing PCI DSS requirements such as policy writing
• Complete on-site assessments and author reports on compliance
• Security reviews of client environments
• Gap analyses against NCSC Ten Steps, NIST CSF, CIS 20
• Complete risk assessments and conduct third-party risk reviews
• Support ISO 27001 implementation projects such as management workshops, ISMS reviews, risk management workshops, controls reviews, internal audits, and third-party risk reviews
• Support pre-sales by assisting in the pre-sales process, understanding client requirements and contributing to proposals and scoping of engagements
• Perform early-stage testing of Cyber technologies in demo or test environments
• Reporting and documenting vendors, technologies and Cyber capabilities
• Organize and manage technology learning and information sharing sessions
• Research and stay well-informed of current and emerging security threats and security controls designed to mitigate
• Rationalize capabilities across multiple technologies
• Provide consultative feedback and support to all Cyber programs
• Interact with technology vendors to assess capabilities

Skills on Resume: 

• PCI Analysis (Hard Skills)
• Compliance Reporting (Hard Skills)
• Risk Reviews (Hard Skills)
• ISO Support (Hard Skills)
• Pre-Sales Support (Soft Skills)
• Threat Research (Hard Skills)
• Knowledge Sharing (Soft Skills)
• Vendor Assessment (Hard Skills)

Job Summary: 

• Support the Information Security Manager and CISO in the execution of their duties
• Provide Information Security Consultancy services for a wide range of projects and initiatives to ensure products, services, platforms and information assets are secure and cyber resilient
• Provide consultancy during M&A activities including pre-deal due diligence and post-deal integration
• Identify cyber risk within existing business and new business and take ownership of remediation activities with direction and support from the Information Security Manager
• Assist CTI in maintaining certifications (ISO 27001) and the implementation of ISO 27001 across the entire CT business
• Assist the organisation in adhering to regulatory requirements (GDPR, etc.)
• Support the Information Security Manager and Security Operations during all security-related incidents
• Actively supporting the development of Security Maturity Models, Security Reference Architectures, and Roadmaps
• Conduct due diligence on potential partners, M&A's, 4th Parties and new solutions
• Working with peers and collaborating more broadly across the organisation to enhance outcomes and expedite results
• Providing clear, organised findings, and recommendations, and tracking progress towards resolution and risk mitigation
• Producing detailed, high-quality presentations and reports for technical and non-technical audiences
• Providing regular status reports on all assigned projects and activities
• Working semi-independently, undertaking information security engagements including working coordination and project management (client interaction, deliverables, work plans, escalations, etc.)
• Maintain awareness of developments in the information security industry
• Identify security control gaps and provide recommendations, implement solutions, and track the progress
• Act as a security representative at the Change Advisory Board
• Work semi-independently, liaising with other team members across InsureTech and Group, producing high-quality oral and written work product and presenting complex technical matters clearly and concisely
• Contribute to methodologies and leverage collaboration to deliver customers' requirements

Skills on Resume: 

• Security Consultancy (Soft Skills)
• Risk Remediation (Hard Skills)
• ISO Implementation (Hard Skills)
• Regulatory Support (Hard Skills)
• M&A Due Diligence (Hard Skills)
• Stakeholder Collaboration (Soft Skills)
• Gap Identification (Hard Skills)
• Report Presentation (Soft Skills)

Job Summary: 

• Work effectively with the Regional and Global Security team
• Adhere to both customer and corporate standards and responsibilities
• Assist in the creation of documentation such as process and procedural documentation
• Provide ‘level 2 - 3’ support and problem management guidance for the relevant platform team and escalate issues to vendors/manufacturers for technical support
• Manage IAM/PAM solutions on a day-to-day basis
• Support Active Directory environments
• User onboarding, application onboarding on various platforms
• Participate in investigations of inappropriate use of the system
• Manage the issuing of certificates
• Manage the issuing of soft and hard tokens
• Participate in projects on a variety of platforms supported by the team
• Deliver and manage security infrastructures and their configuration

Skills on Resume: 

• Team Collaboration (Soft Skills)
• Process Documentation (Hard Skills)
• Technical Support (Hard Skills)
• IAM Management (Hard Skills)
• AD Support (Hard Skills)
• User Onboarding (Hard Skills)
• Token Issuance (Hard Skills)
• Infrastructure Delivery (Hard Skills)

Job Summary: 

• Conduct information security control assessments, compliance reviews, gap and risk assessments and evaluations
• Participate in readiness engagements to prepare clients for Information Technology Assurance Audits such as those associated with AICPA's SOC 2, ISO's 27001/27002 standards, and the Cybersecurity Maturity Model Certification (CMMC)
• Assist clients with third-party vendor risk management
• Advise clients on proper operational security posture, architecture, and methodologies
• Evaluating relevant aspects of IT security, operational security, software product security, systems security, and other emerging security technologies to support client business objectives
• Support client executives and senior-level leadership in understanding information security risks, vulnerabilities, remediation recommendations, and risk management
• Take part in international projects and work with clients with a focus on Information Security
• Concept, design and architecture of security solutions and integration with the infrastructure environment
• Advise on information security best practices and recommendations for the clients, create roadmaps and implement them
• Play an active role in developing the team’s service offering and portfolio
• Translate customer requirements into business proposals
• Research and development in the IT security area (new products, new services)

Skills on Resume: 

• Control Assessment (Hard Skills)
• Audit Readiness (Hard Skills)
• Vendor Risk (Hard Skills)
• Security Advisory (Soft Skills)
• Solution Architecture (Hard Skills)
• Executive Support (Soft Skills)
• Roadmap Creation (Soft Skills)
• Service Development (Soft Skills)

Job Summary: 

• Provide oversight on Westpac internal staff and partner access
• Develop and maintain Access Request Documents (ARD)
• Process requests from Partners who request access, ensuring it aligns with the approved ARD
• Understand Westpac Enterprise Identity and Access Management Standards and ensure ARDs comply with the standards
• Effectively apply identity and access management knowledge and expertise in analysing access rights, gathering insights into the access rights and challenging the rationale for its inclusion into ARDs
• Manage transition projects where Westpac partners are involved
• Drive engagement with stakeholders at all levels across Westpac Group to achieve a desirable outcome
• Perform governance checks on Westpac internal staff access and partner access
• Identify and implement changes or improvements to IAM processes to address gaps/issues
• Develop meaningful metrics to highlight areas of risk and report on the performance of existing governance processes

Skills on Resume: 

• Access Oversight (Hard Skills)
• ARD Management (Hard Skills)
• IAM Compliance (Hard Skills)
• Rights Analysis (Hard Skills)
• Project Transition (Soft Skills)
• Stakeholder Engagement (Soft Skills)
• Governance Checks (Hard Skills)
• Process Improvement (Soft Skills)

Job Summary: 

• Write cybersecurity policies suitable for the Galileo environment
• Review cybersecurity policies in place
• Suggest improvements to the current cybersecurity policies
• Manage cyber security requirements in the identified requirements management systems, i.e., DOORS
• Maintain traceability between Mission, System/Service requirements in DOORS
• Maintain traceability between the System/Service and other sets of identified requirements
• Perform a gap analysis for GSA cybersecurity requirements across existing GSA contracts and procurements (e.g., GSC, GSOp, RLSP, GRON)
• Maintain an applicability matrix for GSA cybersecurity requirements across contracts and procurements
• Support the optimization, i.e., removing any duplications of the requirements between existing security requirements (e.g., EE SREQ) and new cybersecurity requirements
• Perform a study on the use of MODAF for the definition of the network map
• Write cyber operational scenarios suitable for Galileo Security operations
• Review cyber operational scenarios in place
• Suggest improvements to the current cyber operational scenarios
• Support the flow down of GSA cybersecurity requirements in the relevant contracts and procurements (e.g., GSOP, GSC, RLSP, Sites)
• Support the flow down of GSA cybersecurity requirements in the coming activities (e.g., HA)
• Take part in system development lifecycle milestones (e.g., PDR, CDR, AR) of Service Facilities and other GSA procurements within the SAB accreditation perimeter (e.g., GRON)

Skills on Resume: 

• Policy Writing (Hard Skills)
• Requirements Management (Hard Skills)
• Traceability Analysis (Hard Skills)
• Gap Assessment (Hard Skills)
• Applicability Mapping (Hard Skills)
• Scenario Design (Hard Skills)
• Contract Support (Soft Skills)
• Lifecycle Participation (Hard Skills)

Job Summary: 

• Leading information security compliance assessments, audits, gap analyses, and remediation
• Actively contributing to projects in the areas of FISMA, FedRAMP, DFARS, CMMC and NYS DFS 500
• Communicating with project stakeholders to effectively convey the requirements of technical and process improvements
• Assisting in the development of customized policies, procedures, controls, disaster recovery plans and technical documentation for applications, systems, and infrastructure
• Possess a working knowledge of IT security and various frameworks (i.e, NIST 800-30, NIST 800-37, NIST 800-53, NIST 800-171, etc.)
• Providing security advice and guidance to clients in respect of their existing systems, technical refresh plans and/or their latest projects
• Writing, reviewing and supervising the development of system security policies and other documents to meet corporate or regulatory requirements
• Identifying and establishing good security governance principles, procedures and documents appropriate to clients’ business environments and priorities
• Identifying and assessing information and system security risks and producing appropriate risk management and remediation plans
• Consider and propose innovative security solutions to complex customer security challenges

Skills on Resume: 

• Compliance Audits (Hard Skills)
• Framework Knowledge (Hard Skills)
• Stakeholder Communication (Soft Skills)
• Policy Development (Hard Skills)
• Security Advisory (Soft Skills)
• Governance Setup (Hard Skills)
• Risk Management (Hard Skills)
• Solution Innovation (Soft Skills)