Information Security Analyst

Genesis IT&T Pty Ltd

The Information Security Analyst will be responsible for performing risk analysis, data analysis and audits.

  • Brisbane location
  • 12-month fixed term contract - with the view to go permanent
  • Banking and Superannuation domain 
Skills Required:
  • Understanding of security standards and frameworks like ISO 27001, PSPF, ISM, VPDSF.
  • Assessing security controls based on Cyber Security principles and tenets (e.g., CIS CSC, NIST SP 800-53, Cyber Security Framework, ISMS, CPS 234 etc.)
  • Ability to apply Cyber Security and privacy principles to organisational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
  • Contribute to the development and implementation of the Enterprise Risk Management business plan
  • Understanding of technology, management, and leadership issues related to organisation processes and problem solving
  • Experience in providing strong customer service ‐ respond promptly to customer needs; take a customer‐centric approach to problem solving; solicit customer feedback to improve service; respond to requests for service and assistance; meet commitments.
  • Validate and implement ITGC controls, mainly change management controls and logical security controls at the application level. Be able to understand and identify control needs at the database and operating system level.
  • Ability to identify deficiencies, ensuring that remediation plans address the root cause effectively, as well as monitoring remediation plans through to completion.
  • Assess the controls implemented on existing or new solutions based on a risk approach and perform reporting on the status of such assessments.
  • Maintain up-to-date technical expertise through formal and self-training. Leverage emerging technologies to bring insightful solutions and add value to technology stakeholders.
  • Strong project management skills to coordinate with various business and internal stakeholders
  • Strong experience performing risk analysis and audits
Additional Preferred Qualifications:
  • Certification in auditing, controls and risk management like Information Security Auditor (CISA) or ISO 27001 Lead Auditor
  • Certification in Cyber Security like CISSP, CISM, CGEIT etc.
  • Strong understanding of audit and controls like NIST 800 Series, APRA, ISO 27001 etc.