Head of Information Security
Experteq
Date: 10 hours ago
City: Sydney, New South Wales
Contract type: Full time

About The Job Head Of Information Security
Join Our Team and Shape the Future of IT Managed Services Solutions!
About The Role
We are seeking an experienced Head of Information Security to join our team, focusing on establishing and maintaining a comprehensive security program to ensure that Experteq and its clients' assets and systems are adequately protected. You will lead the Infosec team to maintain and improve information security across a broad and dynamic range of services and clients, ensuring assurance.
About Us
Experteq is a proudly Australian-owned IT Managed Services Provider (MSP) and Professional Services Consultancy with over 30 years of experience. We deliver innovative technology solutions to more than 50 clients in the banking, finance, corporate, and government sectors nationwide, including 30% of Australia's Authorised Deposit-taking Institutions.
With a rich history and extensive experience in one of Australia's most regulated industries, our high-performing teams excel in collaborating with clients who demand the highest levels of security, compliance, and regulatory standards. We offer deep technical expertise across a comprehensive range of services, including trusted private and public cloud solutions, end-user services, and business optimisation.
What You Will Do Here
- Team Leadership: Mentor and develop a high-performing team ensuring relevant individual capabilities and certifications are maintained.
- Operational Management: Accountable for delivering all Infosec responsibilities stated in the policy framework and for ensuring existing policies and procedures are effective and reviewed regularly. Manage routine reviews such as penetration testing, compliance programs, and audits. Ensure compliance with all agreed frameworks including managing the audit programs for SOC2 Type 2, PCI DSS, and others as required, ensuring no non-compliance findings.
- Vulnerability Management: Identify potential vulnerabilities and ensure remediation is completed in accordance with service levels.
- Incident Response: Establish and maintain a corporate-wide information security incident response plan to ensure timely and effective management of security incidents including breach detection, investigation, and mitigation.
- Collaboration: Work closely with internal teams, including sales, technical, and support teams, to ensure cohesive service delivery and address any cross-functional issues that may impact clients.
- Security Improvement: Drive enhanced security by designing, implementing, and maintaining adequate information security controls.
- Risk Management: Identify potential security risks and implement mitigation/remediation strategies and activities.
- Governance: Ensure Service Development Life Cycle compliance across all company activities and lead the Information Security Council (ISC) governance forum.
- Reporting: Prepare and deliver reports for internal forums such as the ISC highlighting information security risks.
- Stakeholder Engagement: Engage with other internal departments to ensure alignment and support for security service activities and initiatives.
- Client Engagement: Manage client-facing information security services, including presenting regularly to senior executives and board members.
- Client Education: In conjunction with marketing and the CISO, propose topics for client education forums and round table discussions and present as necessary.
Qualifications and Experience
- Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related field.
- Professional information security certifications (CISSP, CISM, GIAC, or equivalent) are highly desirable.
- Membership of relevant information security associations (e.g., AISA, ISACA).
- Knowledge of common information security management frameworks including APRA CPS234, PCI-DSS, ISO 27001, SOC 2, and NIST.
- Strong understanding of the business impact of security tools, technologies, and policies.
- Experience managing information security teams.
- Deep understanding of information security fundamentals including a broad awareness of Information and Communications Technology.
- Strong working knowledge of operational information security.
- Broad and current understanding of a wide range of technologies from an Information Security perspective.
Skills and Competencies
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
- Excellent data analysis skills.
- Strong understanding of risk assessment and management and the ability to analyse and report on information security issues in risk terms for both Experteq and its clients.
- Meaningful Flexibility: Enjoy a flexible 'dress for your day' office culture and a hybrid work environment with 2 days in the office and 3 days remote each week, along with flexible hours around core work times.
- Centrally Located: Our office is centrally located in Sydney's CBD just half a block from the QVB, making commuting on office days a breeze!
- Tech Perks: We'll provide you with a powerful laptop and a monthly mobile phone allowance.
- Discounts: Enjoy staff discounts across various services including finance, health, real estate, and retail.
- Social Connections: Connect, learn, and socialize through regular team lunches, activities, learning opportunities, industry events, forums, and celebrations.
- Employee Support: Benefit from study leave assistance, health and well-being support including a Mental Health First Aid officer, access to a confidential EAP, and annual flu shots.
- Leave Benefits: We offer 12 weeks of universal parental leave and a day off to celebrate your birthday.
- Career Advancement: Grow your career with opportunities to work on innovative and diverse projects across various industries and technologies. We'll work with you to tailor a career progression plan and development goals to keep you challenged and growing.
- Awards & Recognition: Your hard work and loyalty will not go unnoticed. We offer service awards, celebrate your achievements, and have an employee referral program for successful new staff member referrals.
We embrace diversity and inclusion that benefits everyone. We are proud to be an equal-opportunity employer that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment.
Note To Recruitment Agencies
Unsolicited resumes or profiles sent to any employee will not be accepted.