IT Security and Support Specialist

Job Title: IT Security and Support Specialist
Contract Type: Permanent
Location: Sydney
Reference: 430780
Contact Name: Jason
Contact Email:
Job Published: June 29, 2020 09:45

Job Description

This newly created position has been developed in order to more closely monitor and identify areas for improvement within this organisations Security systems and controls. 

The purpose of this role is to support ICT security operations by
ensuring appropriate information and security controls are established and maintained in accordance with policies. You will ensure the correct systems, protocols and policies are in place to protect against current and emerging threats.

Broadly this role will be responsible for:
  • Reviewing the current environments (Office 365 and Azure) and making recommendations to improve security.
  • Choosing and implementing an IT security framework (ISO27001, NIST, CCM) that suits their infrastructure.
  • Improving the reporting on the environment using Splunk or similar SIEM.
  • Preparing weekly Security reports.
  • Ensuring the adoption of a number of new policies and procedures recently released by a related department.
  • Mentoring and supporting a more Junior team member.
  • Attending monthly SLT meetings as part of the leadership team.
This is a hands on and strategic role, you will need to be comfortable with (and have recent experience of) rolling up your sleeves and configuring systems including Azure. We are really looking for a pro-active Specialist, this is a small environment and one in which you must show the drive and enthusiasm to seek out best practice and adopt suitable emerging trends. The organisation is security sensitive and there is ample budget set aside for improvements.

ESSENTIAL Requirements:
  • Microsoft Azure Security Certification (AZ-500) Mandatory
  • Microsoft 365 Security Administration Certification (MS-500) Mandatory
  • Firewall certified (Sophos ideal) Mandatory
  • SEIM certified Mandatory
  • Experience in ICT Security Frameworks (ISO, ISM, PSPF) Mandatory
This role is responsible for 3 key areas:

1. Cyber Security Framework

Establish and maintain:
  1.  A governance framework (standard policies and procedures) which provides a best practice organisational capability to effectively identify and respond to incidents.
  2. An ICT Security Incident Response Plan which details the processes for mitigating potential risks and providing a best practice response.
• Lead security testing protocols and activities in accordance with the established governance framework.
• Continually research the external environment to identify security enhancement opportunities.
• Continually keep abreast of emerging trends in ICT related threats.
• Design and deliver security training and education services to end users
Cyber Security monitoring and administration.
• Continually review and enhance the effectiveness of operations within the ICT security function.
• Monitor the cloud-based environment for security issues including Azure and Office 365.
• Complete regular IT Security self-assessment against applicable security framework.
• Review new systems for compliance with cyber security policies.
• Investigate, respond to, resolve, and report on security incidents / issues.
• Ensure end points are configured with modern security software and updated regularly. 

2. Reporting

• Prepare reports for key stakeholders (including the Senior Executive Team) which provide visibility and assurance regarding ICT security issues, risks and enhancement opportunities.

3. ICT Support

• Lead and participate in Corporate projects as and when opportunities arise
• Provide ICT support for a small team
• Ensure the necessary ICT training and education services are provided to end users
• Provide service support to employees
• Ensure efficient operations within the ICT function
• Manage and support other business connectivity devices such as iPhones and iPads
• Ensure all policies, procedures, guidelines, manuals and system documentation relating to core systems are reviewed and updated periodically

This is a high profile run within an organisation who are committed to improving their security processes and controls. You will enjoy a work/life balanced environment, 2 days a week wfh and the opportunity to increase your knowledge and skills.

If this sounds like you, send your CV in the first instance to the link provided.