Cyber Security Program Manager

Our client is looking for a Cyber Security Program Manager for a long-term engagement.

The Cyber security program manager will report to the Chief Technology Officer to provide general support, advice, policy and procedures and program delivery and reporting to the team and other stakeholders within the Department.

The Department is committed to uplifting its cyber security posture and has developed a roadmap for implementation of governance, policy, assurance, and technical controls to achieve this outcome.

This position is responsible for analysing and documenting cyber security risks to the Department's information, developing, and managing remediation plans with the Department's service providers and developing policies, plans, and other documentation to improve security compliance.

Other duties include the development of reporting tools, standard operating procedures and work instructions, preparation of guidance documents, risk statements, and training materials. The position will participate in the provision of advice to all areas of the agency, including projects, managed activities, and external stakeholders such as auditors.

The seller must provide a specialist resource to fulfil the role of Cyber Security Program Specialist to perform the role to a standard expected of a specialist ICT Security Advisor including :

• Coordinating and managing all aspects of the Cyber uplift program
• A) Reporting on progress and milestones
• B) Reviewing outcomes of assessment reports and developing and oversighting remediation plans in consultation with the Department's service providers
• Providing updates and briefs to the Department's executive, board, and audit committee, as required
• Analysing and documenting cyber security risks to the Department's ICT network and infrastructure,
• Developing cyber awareness materials and providing input to the Cyber awareness learning and development plan; and
• Developing policies, plans, and other documentation to improve security compliance.
• Assist with the accreditation of the Department's ICT systems in accordance with the Australian Signals Directorate's Information Security Manual (ISM).
• Monitor vendor security notifications, assess potential impacts on the Department's systems and engage service providers to undertake remediation activities.
• Produce reports on the status of the security of the Department's ICT information environment.
• Assist with vulnerability assessments, findings and remediation of identified threats and vulnerabilities in consultation with the Department's service providers.