IT Security Analyst - Assurance
IT Security Analyst - Assurance
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Location: Sydney Brisbane Melbourne
Contract Type: 12 month Fixed Term Contract (up to 24 months)
MinterEllison is one of Australias largest independent law and consulting firms. With a heritage of almost 200 years we are known for our excellence and our authentic and enduring relationships with our clients our people and our communities. Clients seek out MinterEllison to help them solve complex problems every day. We do this by our full-service legal offering and complementary consulting offering.
We offer opportunities to work on industry-leading mandates for top-tier clients while being part of a high-performing and collaborative team that values excellence diversity of thought curiosity and inclusion. We value our people and empower them to achieve their ambitions - with the support trust and autonomy to grow their careers in meaningful ways.
We support sustainable ways of working regarding how when and where you work and offer a wide range of social financial and health benefits (see Role
Our IT Security team is currently looking for an IT Security Analyst to manage and maintain compliance coordination activities under our assurance practice. The assurance practice covers client questionnaires supply chain security pen testing user awareness and compliance with various security standards. This is an internal role reporting into the IT Security GRC Manager and may include occasional travel to other MinterEllison offices. The role is supported by and works closely with broader IT security team Business Hub for questionnaire coordination IT project management office IT Procurement practice and multiple managed services providers.
You will have at least 2 years experience in information systems environment and a background in information technology. You will have a good understanding of security software and platforms and security principles standards and procedures. You are motivated and excited to inspire people at all levels of the business to implement and uphold information security best practices and standards.
More About You
In this role you will have the opportunity to:
- Respond to client questionnaires audits security program enquiries and RFPs on any cybersecurity enquiries
- Build and maintain an ongoing relationship with our external clients security teams
- Perform supply chain security reviews including annual reviews and keep the risk register up to date
- Support the cyber risk managment lifecycle for new and existing systems and applications
- Contribute to the IT Security awareness program (Email newsletters monthly awareness Ad-hoc alerts) and coordinate with the broader IT training and Talent training teams.
- Assist with maintaining MinterEllisons compliance program (including ISO27001 SSAE16 ASD E8 NIST CPS 234) risks and any remediation. Work with internal and external auditors to schedule and respond to ISO audits
- Maintain MinterEllison Security Trust Centre with regular updates on IT sec policies procedures and other information about the security program
- Running quarterly audits on key stats such as privileged access user access mobile device compliance asset inventory etc
- Assist with IT security operations on any security incidents during and if required after business hours
- Be up-to-date with information security best practices and industry trends for security solutions and standards
Knowledge Skills and Experience:
- At least 2 years experience in information systems/ cyber security environment and a background in information technology.
- Expert level skill in coordinating tasks organising activities and maintaining a program on schedule.
- Demonstrated experience in writing high quality executive reports/briefings
- Excellent knowledge of information security principles standards and frameworks such as ISO27001 SSAE16 APRA CPS234 ASD essential 8. Familiarity with NIST v2.0.
- Experience in running internal IT audits/assessments on policy compliance
- Experience in running supplier assessments and making recommendations from the response
- Must have agile-mindset incremental delivery over perfection willingness to try new approaches to a problem
- Ability to manage projects and tasks independently with little supervision
- Relevant security trainings/certifications not mandatory but will be highly desirable
How to apply
We encourage applications from people of all ages abilities cultural backgrounds genders (including trans or gender diverse) LGBTQ people and those with carer responsibilities. We particularly encourage Aboriginal and Torres Strait Islander people to apply.
We prefer to connect with people directly so please submit your CV by clicking on the Apply button. We encourage all applications including if you do not meet all the criteria listed for the role. Your application will also enable us to consider you for other opportunities that may be available at MinterEllison.
If you are currently a MinterEllison employee please apply through the internal careers page.
If you would like further information require any adjustments throughout the recruitment process or for a confidential discussion please
Required Experience:
IC
Employment Type
Full Time
