Chief Information Security Officer
TURSA is currently seeking an experienced IT professional with demonstrated leadership experience in the newly created role of Chief Information Security Officer.
Based in Tweed Heads, NSW, and only minutes away from the golden sands of Coolangatta Beach, this is an exciting opportunity to join a large not-for-profit organisation that provides employment and training services to the most vulnerable and disadvantaged members of our community.
Reporting directly to the TURSA Board, the role is a senior leadership position and member of the Chief Officers Group which is responsible for the long-term growth, profitability and sustainability of the organisation through achievement of its aims and objectives. The Chief Information Security Officer will provide strategic direction to the Board regarding the organisation’s information security requirements under government contracts, accreditation and legislation whilst also ensuring the company remains abreast of technological advancement in a dynamic and fast-changing environment. They will be responsible for the continuous monitoring and improvement of TURSA’s ISMS, and ensure compliance with our requirements under ISO27001 and Right-Fit-For-Risk.
A highly competitive salary package will be negotiated with the successful applicant including provision of a fully maintained vehicle. TURSA offers its staff above Award salaries and employment conditions, including a 9-day fortnight, salary packaging, and 12% superannuation contributions.
TURSA encourages people to apply who are willing to relocate and enjoy the superb lifestyle the Southern Gold Coast and Northern NSW have to offer.
Applicants should not canvass current TURSA staff in respect to their application.
Application details and procedures are set out as follows:
- Selection Criteria
- Position Overview
- Application Procedure
- Medical Examination
- Federal Police & Child Protection Checks
|Chief Information Security Officer|
|1|Minimum 5 years' experience in a similar Information Security leadership role|
|2|Minimum degree qualification in Cyber Security or other relevant field|
|3|Commitment and capacity to comply with contractual and organisational requirements including operating confidentially within a commercial, competitive environment|
|4|Motor vehicle driver’s licence with preparedness to travel with possible occasional overnight stays|
|POSITION:|Chief Information Security Officer|
|SUBSTANTIVE GRADING:|Above award. A very competitive salary package as negotiated, and will include full usage of a fully-maintained vehicle appropriate to the position.|
|ACCOUNTABLE TO:|The Board of Directors, or nominee, as determined and delegated by the Board of Directors from time to time|
|As at:|7th December 2021|
|OBJECTIVE:|To achieve ethically and in compliance with organisational objectives, standards and policies, legislative requirements, and contractual obligations, and in accordance with the needs of clients, levels of administration and performance that:|
|SCOPE:|The Chief Information Security Officer is responsible for:|
- The Chief Information Security Officer (CISO) will comply with TURSA’s Information Security – Incident Response Plan (ICT002). The role of CISO is responsible for:
- Overseeing TURSA’s cyber security program. Providing cyber security leadership and guidance to the organisation, and ensuring the organisation is compliant with cyber security policy, standards, regulations and legislation.
- Ensuring they are fully aware of all cyber security incidents within TURSA and overseeing the response to cyber security incidents
- Reporting cyber security matters to the Board of Directors
- Regularly reviewing and updating TURSA’s cyber security program – addressing cyber threats and harnessing business and cyber security opportunities
- Implementing cyber security measurement metrics and key performance indicators
- Contributing to the development and maintenance of TURSA’s business continuity and disaster recovery plan
- Coordinating cyber security risk management activities with the Chief Officers Group
- Receiving and managing a cyber security budget and working with suppliers and service providers to oversee cyber supply chain risk management activities
- Overseeing the development and operation of TURSA’s cyber security awareness training program
- Developing and maintaining a cyber security communications strategy for TURSA
- Overseeing the management of the cyber security personnel
- Co-ordinating the Information Security Committee
- Provide oversight of, and ensure continued compliance with, Right-Fit-For-Risk requirements, liaising with the necessary internal and external stakeholders.
- Source, enter into agreement with, and manage external vendor relationships necessary to fulfill the objectives of the role.
- Analyse, as required, performance and activities under his/her management to enable prompt identification of performance issues, and facilitate action to redress expeditiously any performance or compliance problems; such action will include designing and implementing corrective action plans, and follow up measurement and reporting of outcomes of such plans on addressing issues or practices
- Co-ordinate initiatives, continuous improvement and best practice strategies, provide support to and liaise with other Chief Officers in such co-ordination, and provide effective communications between management, staff, and senior management
- Provide reports on activities and performance to meetings of the Board of Directors
- Prepare as required in consultation with other Chief Officers budgets, and forward planning of activities and resources to maximise performance
- Oversee tender processes, purchases and contracting for significant infrastructure in conjunction with the Board and the Chief Financial Officer in accordance with organisational policies
- Ensure cost efficient, performance effective delivery of services and programmes to comply with contractual and budgetary guidelines, timelines, performance indicators, applicable legislation, and organisational constraints
- Identify and develop strategic planning initiatives and/or review of existing activities
- Ensure compliance by managed staff with all relevant legislation e.g. Privacy Act, EEO, WHS, Anti-Discrimination Act, applying to Tursa Employment & Training under its Deeds, contracts and in law generally, as well as TURSA standards and policies
- Monitor and ensure compliance, in conjunction with other Chief Officers, with regulatory frameworks and standards that reduce cyber security risk for TURSA, including overseeing ongoing reviews and monitoring of all IDT system capacity and operations.
- Carry out such other activities consistent with TURSA’s objectives, programmes, and services as determined and delegated by the Board of Directors.
Applicants are requested to use the following format in applying for employment:
- Address all of the selection criteria in a concise and relevant manner in your letter of application or as a separate (preferred) attachment to your letter of application (no more than ½ page per criterion - just a simple statement of fact as to why you believe you meet the criterion will suffice). Objective, quantitative evidence is desired to support your claims. (Please note: The submission of Selection Criteria is essential for applications to be considered.)
- Attach a copy of resume with details of three recent, relevant referees, and copies of any qualifications
- Please clearly identify your preferred Site(s) or geographical area
- Please place a footer on each page of any application letter, resume, and addressing of selection criteria stating your name, date and the position applied for
TURSA reserves the right to appoint applicants prior to the closing date.
Tursa Employment & Training reserves the right to require applicants to undergo a medical examination before offering employment.
Successful applicants will be required to provide evidence of their COVID-19 vaccination immunisation record or medical contraindication certificate (the collection, handling and storage of such information provided will be undertaken in accordance with the security requirements of the Australian Privacy Principles).
Federal Police and Child Protection Checks:
Successful applicants will be required to undergo Federal Police and relevant State Child Protection Checks before confirmation of employment.
All job offers will be subject to satisfactory reference checks.