
Job Description

Head of Cyber Security

  • 10 Dec 2018
  • Sydney (CBD, Inner West, Eastern Suburbs)
  • Full Time

Head of Cyber Security – Insurance


One of our clients, a large Australian insurer, is looking to recruit a new Head of Cyber Security. This role will be based in Sydney.


Forming part of the Leadership Team, this critical role will be responsible for ensuring appropriate strategies, frameworks & policies, practices & controls are in place to mitigate cyber threats to the business and maintain the security of information.


The role is also responsible for ensuring the business’ investments & activities in cybersecurity are adequate and effective, giving the Board and Executive team oversight and assurance, in line with regulatory obligations.


Key responsibilities will include:

  • Develop and drive the strategy and roadmap for the business, with consideration for all stakeholders and the broader business strategy
  • Ensure appropriate governance, frameworks, knowledge & capabilities are in place to enable compliance with all regulatory standards & requirements relating to Information Security
  • Ensure strong ongoing budget management & security partner management
  • Ensure appropriate understanding of the cyber strategy & roadmap across technology & innovation
  • Provide regular reporting on the status of the cyber security program to the Board including monitoring & reporting on the internal & external threat environment
  • Ongoing threat management; manage and contain information security incidents and events to protect IT assets, intellectual property, regulated data and reputation
  • Drive a strong cyber security culture across the wider business, from policy and training to practice, with clear metrics
  • Support Audit and Compliance assessments across cyber security
  • Ensure security is embedded end-to-end in the business - from secure development practices & project delivery, business unit operations, through to third-party vendors & partners
  • Lead the cyber security team to ensure consistent and high-quality ISMS and ensure that information assets and associated technology, applications, systems, infrastructure and processes are adequately protected in the ecosystem

Skills, education and experience required:

  • Minimum of 10 years of experience in a combination of cyber, information security and IT (with at least five in a leadership role)
  • Knowledge and understanding of relevant legal and regulatory requirements
  • Excellent analytical skills and the ability to manage multiple projects
  • Project management skills: financial/budget management, scheduling and resource management
  • Strong knowledge of common information security management frameworks, such as ISO27K, PCI DSS, NIST and COBIT 5

For a confidential discussion regarding this or any other job opportunities across Cyber Security, please send a CV to matthew.nicholas@tomexecutive.com