Information Security Specialist – GRC experience

Job details

Location: NSW - Sydney
Reference: Ad-49210
Posted: 6 months ago

Job description

The Information Security Specialist's core function is to promote the defined enterprise security posture through policy, architecture, design and implementation processes. Secondary tasks include the identification, investigation and resolution of security incidents detected by monitoring systems; the selection of appropriate security solutions, and oversight of any vulnerability audits and assessments.


  • Have a strong understanding of SOX IT general controls tracking and reporting.
  • Maintain and drive compliance with internal cyber security policies and practices designed to protect sensitive corporate assets and ensure compliance data privacy standards and compliance with applicable laws and regulations.
  • Design and execution of vulnerability assessments and penetration tests.
  • Develop and maintain standards to ensure the confidentiality, integrity and availability of the data residing on, or transmitted to/from/through, enterprise devices, servers, systems and databases.
  • Participate in forensic investigations into problematic activity.
  • Maintain and share with the team up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
  • Working with the IS team for deployment, integration and initial configuration of all new security solutions, and of any enhancements to existing systems, is performed in accordance with standard operating procedures and the enterprise's security policies.


  • Ability to continuously analyse and adapt Information Security practices according to external threats and internal needs.
  • Proven experience in Information Security or GRC roles.
  • Demonstrable experience in SOX and IT General Controls.
  • Experience with application security, network/infrastructure security and cloud security would be an asset.
  • Experience and familiarity with industry's latest tools for penetration testing, forensic analysis, scanning.
  • Strong Communication skills; proven ability to collaborate with stakeholders as well as creating/maintaining documentation.
  • Demonstrates ability and passion to continuously learn all things security! Participates in personal projects and/or industry events.

If you are interested in this position and feel that you meet the criteria, please send your CV to for more information.

This job has expired!