Information Services | Melbourne City, Victoria, Australia | Full Time
IDP Education Limited is an ASX listed company owned by 38 Australian universities and headquartered in Melbourne, Australia. IDP’s core business lines include student placement to Australia, US, UK, Canada and New Zealand institutions, English-language testing and training.
IDP operates in over thirty countries, across three major business lines. Our people are our greatest asset – it is through their passion, expertise and dedication that enables us to deliver outstanding service to our customers, clients and partners.
A new and exciting opportunity exists for a Cybersecurity Specialist to join our team in Melbourne to provide commercial and security advice to all business operations within IDP Education Australia in accordance with Company security policies, procedures and guidelines.
IDP is committed to provide efficient, effective and timely security service to our internal and external customers
IDP is seeking an experienced Cybersecurity Specialist who can provide extensive practical experience regarding IT security related matters and plan coordinate security tasks based on relevant policies, standards, procedures and best practices. This is a highly critical function as the stability and security of systems is integral to the operations of ICT infrastructure at IDP
In this role you will provide thought leadership and technical support across all cyber security services to ensure IDP’s information assets are appropriately protected and information owners are kept informed of increasing cyber security threats.
The Cybersecurity Specialist will work to ensure that all of IDP’s company's data is kept secure and stable at all times. This will include company files and digital assets, employee data and sensitive customer information. The Specialist will identify and help analyse any possible vulnerabilities and identify unusual activity and react swiftly to prevent or mitigate breaches.
- Providing efficient, effective, and timely security services to our customers Act as key SME for all information security across the organisation.
- Assist with developing and maintaining policies and procedures related to information and cyber security
- Conducting management interviews to get an understanding of how cybersecurity risks are managed across the IDP organisation.
- Developing and conducting a self-assessment survey of the key IT operational areas
- Maintain IDP’s Information Security governance framework, information security policy and compliance requirements
- Engage with key stakeholders to ensure the needs of IDP are met in line with Information security requirements, compliance, and standards
- Perform technical risk and information security assessments, assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement
- Assisting with the implementation of security measures for the protection of security classified information and sensitive commercial information
- Oversee the information asset register and assist with managing the IT security risks across the organisation
- Chair Cyber Security Governance meetings where required.
- Hands-on experience managing security incident responses
- Excellent working knowledge of Internet and network security systems and tools including firewalls, load balancers, WAFs, IPS/IDS, PKI and remote access systems.
- Ensure IDP’s organisations networks are monitored for security breaches and investigate violations when they occur
- Co-ordinate vulnerability assessments of IT systems and processes, identifying potential vulnerabilities, to make recommendations to control any risks identified and to ensure they are implemented.
- Facilitate information security and cyber security awareness training to employees and customers via programs and campaigns
- Actively participate and contribute to Business Continuity / Disaster Recovery infrastructure planning, building, and testing
- Maintain Security posture, currency and monitoring and reporting
PREFERRED SKILLS AND EXPERIENCE
- Experience in three or more of the following domains expected:
- Strong background in Security Operations
- DevSecOps experience
- Amazon AWS experience (architecture and well architected frameworks)
- Understanding Networking fundamentals
- Risk Assessment and Management
- Understanding technical IT Security concepts and align to business objectives and value
- Strong communication, presentation, stakeholder engagement and relationship building skills
- Ability to present complex technical and security information into simple, business language
- Strong customer focus and ability to consult with both business and technology stakeholders
- Proven experience in building and deploying IT security services in large complex environments
- Good negotiation and conflict resolution skills
- Ability to influence outcomes and participate in debates/discussions with senior representative
- Demonstrated experience in driving enterprise security architecture.
- Threat Intelligence and Hunting experience, vulnerability assessment and security architecture
- Demonstrated experience of improving security controls by implementing technical controls and processes
- Significant Risk Management experience.
- Experience implementing security controls on private & public Cloud platforms (i.e. IaaS, PaaS, SaaS, AWS, Azure). Amazon VPC design and microservice architecture highly regarded
- Experience with a variety of security tools including vulnerability scanners, SIEM, DLP, Internet content filtering
- Ability to oversee / create / draft security solution designs documents and researching and identifying the business of practical security solutions
- Experience using Security Information and Event Management (SIEM) Tools and analytics (including UEBA)
- Excellent written and verbal communication skills.
- Ability to work in a fast-paced environment with minimal supervision
- Consultative style of addressing issues and solutions with analytical ability to facilitate problem solving
- Excellent at prioritising multiple tasks, managing conflicting deadlines and working effectively in a dynamic environment
- Effective stakeholder management, including globally distributed stakeholders, and an understanding of escalation triggers
- Experiencing developing and justifying business cases
- Experience working cross functionally at senior levels
- Experience in leading the security design and architecture for public, private, and hybrid Cloud based enterprise systems within Amazon Web Services (AWS), Microsoft Azure, or other cloud providers.
- Proven records in enabling secure delivery of digital innovations under a cloud-first & agile strategy.
WHAT WE'RE LOOKING FOR
- 10+ years’ experience with solution architecture, systems integration, application development, including extensive exposure to SaaS and Cloud solutions.
- At least 5 years’ experience as a senior architect in Architecture Leadership positions. With demonstrable experience in the development and implementation of an Enterprise Level Architecture encompassing both systems and data.
- A confident and natural communicator with a fantastic ability to help a wide range of stakeholders understand the business value of key Enterprise Architecture decisions through concise and effective communications.
- Promoter of close alignment between business and IT by helping to translate architecture issues for business leaders and managers with varying levels of technology savvy.
- Responsive with the ability to start adding value, insights and guidance on our digital initiatives within weeks of your start. You’ll have a penchant for removing blockers and ensuring projects are taking IDP to the right destination.
- A natural coach and mentor, with a thrill of communicating skills and approaches and seeing others grow and develop
- An authoritative communicator with a history of running ARBs that lift the quality and throughput of tech deliverables.
- Confidence to deal with vendors of all sizes being able to determine business value from those engagements.
- Possess a bias for action and a fundamental commitment to quality in delivering services to support customer needs.
- Bachelor’s degree preferred, preferably in the fields of computer science or business systems.
- A security professional with Industry recognised ICT Security technical certifications such as: SC2 CISSP, ISACA CISM, GIAC (SANS), CEH, SSCP, Cisco e.g. CCNA, CCNP, OSCP
- Any Cloud or vendor certifications e.g. AWS, Azure, GCP, Check Point, FireEye, F5, Splunk, SOAR, SIEM, AI
- A minimum of 10 years commercial experience in Information Technology, with at least 5 years in Information Security
WORKING AT IDP
IDP Education’s ongoing success comes from our highly committed and caring employees around the globe. We encourage teamwork in order to leverage our people's diverse talents and expertise through effective collaboration and cooperation throughout our business. We strive to provide a working environment where people are encouraged to excel, be creative and seek new ways to solve problems, take initiative, generate opportunities and be accountable for their actions. We believe in developing dynamic, inclusive work places that encourage and celebrate cultural differences and views, and provide opportunities for personal, professional and career development all around the world. We respect diversity in our people: their ideas, work styles and perspectives as well as offering flexibility to ensure employees enjoy a satisfying balance of work and personal life.