Job title: Cyber Security & Governance Analyst
Job type: Permanent
Emp type: Full-time
Salary type: Annual
Salary: negotiable
Job published: 19-04-2024
Job ID: 36525

Job Description

About the Company

With over 120 years of supporting the medical profession, MIGA is a specialist insurer offering a range of insurance products and services. As a result of business growth, they are seeking an additional Cyber Security and Governance Analyst, to continue building out a strong information security posture.

 

About the Role

This role is crucial in building out MIGA's long-term Cyber Security. This role will work alongside the existing Cyber Security and Governance Analyst and ICT Manager to support the correlation of technical implementations, as well as the internal Security Governance Frameworks and regulations. The successful candidate will establish a strong relationship with MIGA's Cyber Security vendors and join in leading the organisation's overall Cyber Security Strategy. 

 

In addition to this, some of the key responsibilities of this role include:

  • Implementing and maintaining an Information Security Governance Framework (ISGF) and identifying key areas for improvement in conjunction with the ICT team.

  • Actively participating in information security audits and responding to recommendations, especially addressing technical recommendations and uplifts. 

  • Monitoring MIGA’s internal network and cloud systems to identify any security breaches or violations that need to be addressed.

  • Evaluating any risks/vulnerabilities corresponding with any new software/systems that will be implemented to ensure the protection of MIGA’s data. 

  • Building strong relationships with internal Cyber vendors to ensure the alignment of technical practice to internal Cyber Security measures. 

  • Supporting the preparation of IT security risk assessments and management strategies 

  • Executing aligned Security Awareness training for existing and on-boarding staff. 

 

About You

The successful candidate will need to possess a strong Infrastructure background, with significant skills within technical Cyber Security practices. You will be required to have applied understanding of key industry standards and regulatory frameworks. This will ensure the accurate interpretation of technical practices in conjunction with security governance frameworks. 

 

The ideal candidate will also bring:

  • Qualifications in Information Technology/ CompTIA Security+ and/or 3- 5 years’ experience in an IT Governance and/or Technical Cyber Security/Infrastructure role.

  • Experience working with Microsoft and Azure based environments (O365 & Azure) and general IT Infrastructure (Windows, virtualisation, networking & firewalls)

  • The ability to confidently converse (both written and verbally) with vendors, boards, and other business leaders/members.

  • Ability to review IT posture within internal applications and interpret penetration testing and audit reports.  

 

It will be desired to have experience with:

  • Information Security Governance Frameworks (e.g. NIST/COBIT)

  • APRA CPS234 / CPG234 / CPG235

  • ISO27001 & Essential Eight Model 

  • The ability to confidently converse (both written and verbally) with vendors, boards, and other business leaders/members.

  • Ability to review IT posture within internal applications and interpret penetration testing and audit reports.  

 

For more information regarding this role, please reach out to Caitlin Shears on 0451 443 262