Cybersecurity Assessor

St Vincent de Paul Society NSW
  • Own the full lifecycle of cyber security assessment - NIST CSF and ASD Essential Eight
  • Highly autonomous role; a self-starter with a keen ability to plan ahead effectively will suit this role.
  • Competitive salary and NFP benefits offered
  • Flexible work-from-home arrangements and visits to a selection of the Society's offices and sites
  • Applications are open nationally, work from any state
  • Maximum term contract, 6-8 months; full-time

What we do

The St Vincent de Paul Society is a leading provider of community support services and has been assisting people experiencing disadvantage in NSW for more than 130 years. Our people reach out to the most vulnerable in our community through our Conferences, Special Works and Vinnies shops. The Society's mission is to shape a more just and compassionate society by offering a 'hand up' approach to people in need, respecting their dignity, sharing our hope and encouraging them to take control of their own destiny.

The Role

Evaluate the Society's cybersecurity processes and activities in line with the NIST CSF and provide your recommendations and input into the cybersecurity strategy. Deliver your report on threats and vulnerabilities and provide recommendations for improvements where needed. Bring your in-depth knowledge of cybersecurity and problem solving to bear to help safeguard Vinnies, a charity trying to do good in a world that needs us. This is a highly autonomous role where effective planning and outcome-focused thinking will be key to delivering results within expected timeframes. You will engage with members of the National Technology Group located in different states; interstate travel may be required to conduct the assessment.

You will be accountable for but are not limited to:

  • Planning and conducting NIST and ASD Essential Eight security assessments across all of the Society's jurisdictions.
  • Proactively engaging with members of the National Technology Group (NTG) to coordinate and conduct assessments.
  • As needed, travelling to each of the Vinnies states to undertake targeted reviews of controls in each state; conducting interviews across Teams and Zoom to augment physical site visits.
  • Performing security reviews, risk analysis, and identifying gaps in governance, compliance strategies and practices.
  • Providing a comprehensive report on all findings including recommendations to mitigate threats and strengthen the Society's cybersecurity capability.

Please click here for a copy of the Position Description, which provides the full role requirements.

To be successful in this role, you will need:

  • Tertiary qualification/s in Information Technology, Computer Science or related field or Bachelor of Cyber Security and Criminology.
  • Certified Information Systems Security Professional (CISSP).
  • Other relevant certifications / qualifications for example, Security+ and other vendor related security certifications.
  • Proven experience in conducting information technology compliance assessments across the NIST Cybersecurity Framework (CSF) v1.1, the ASD Essential Eight and the Essential Eight Maturity Model.
  • Good working knowledge of current cyber risks and trends.
  • In-depth knowledge and experience of next-gen technical architectures, cloud infrastructures, networking infrastructures, evolving business practices, development practices, finding innovative ways to enable secure business practices and strong risk management skills.
  • Zero-trust architecture and identity management experience required.
  • Ability to examine, interpret, document and evaluate security strategies and defences to determine security and business impacts.
  • Familiarity with risk management, cyber threat hunting and vulnerability management.
  • Strong organisational, administrative and project coordination skills, ability to effectively manage multiple priorities, exercise sound judgment, ask questions and be open to the input and decisions of others.
  • Travel interstate if needed.

Come and join our team!

We believe our employees are key to our success and in return we offer:

  • Job satisfaction working as part of a team making a difference to people's lives in an organisation that cares about people.
  • Generous salary packaging benefits to employees where a portion of take-home pay is tax-free.
  • In addition to excellent learning and development opportunities, as a large purpose driven organisation we provide potential to grow your career across a range of teams and services.
  • Supportive, friendly and values driven team environment and culture.

Prior to an offer of employment, preferred candidates will be required to complete the pre-employment checks including a Police check, Working with Children check, Health Declaration and/or a medical check and right to work in Australia. The Society is committed to being a Child Safe organisation; further information can be found in the Society's commitment to Safeguarding Children & Young People.

If you have questions about this role, please email Warren Havemann (Chief Information Officer) at [email protected], quote Cybersecurity Assessor/VIN2462 enquiry via EthicalJobs.

Please submit your application online, attach your CV and your responses to the role-specific criteria listed above.

St Vincent de Paul Society (NSW) is an Equal Employment Opportunity Employer and is committed to engaging a diverse workforce. The Society strongly encourages applications from people from Aboriginal and Torres Strait Islander background, people with disability, people from diverse cultural and linguistic backgrounds and mature aged applicants.

How to apply

This job ad has now expired, and applications are no longer being accepted.