Information Security Analyst
Sympli is a collaboration between InfoTrack (Australia’s leading provider of e-Settlement technology and services) and the Australian Securities Exchange (ASX). Sympli will offer lawyers, conveyancers and financial institutions a streamlined and comprehensive technology solution that will seamlessly integrate with existing practices and systems.
The Information Security Analyst will be assisting the Information Security Manager in the maintenance and continual improvement of the Information Security Management System for Sympli; and other Sympli Information Security related responsibilities. This position will be responsible for protecting Sympli intellectual property, regulated data and reputation.
The role & Responsibilities
This position will report to the Information Security Manager.
Some key responsibilities will include:
- Assist in the management and operation of the ISMS framework and the development and maintenance of information security policies, standards, and procedures.
- Ensure that all personnel are fully informed of their obligations and responsibilities with respect to information security policies, standards and procedures.
- Assist in delivering IT security education, training and awareness for all Sympli personnel.
- Participate in the development and maintenance of current and future state security architectures.
- Participate in IT system and application design and implementation reviews to ensure that our product/platform will comply with Sympli policies and best practices.
- Identify security requirements for new applications and services.
- Assist in the monitoring of the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
- Assist in the preparation of reporting to Executive Group, Audit, and Risk committees (risk of ISMS internal audits, management reviews and information security incidents and events).
- Conduct security and risk assessments of information systems and services.
- Monitor Security Information Event Management (SIEM) alerts and other related security technologies and investigates security events.
Knowledge and Experience
- Minimum of 3 years’ experience in IT roles with at least 1 year specialising in information security and security-related technology strategies. (Preference for experience within regulated environments/financial services).
- IT security accreditation (e.g. CISSP).
- Proven experience in developing and executing information security policies and procedures.
- Good technical and architectural understanding of IT Security principles associated with networks, internet, email, operating systems, firewalls, VPN’s, databases, virus management, cryptography, IDS/IPS, and access management.
- Solid consultative skills, with the ability to communicate complex concepts to technical and non-technical audiences.
- BS/BA degree in Business Administration, Information Technology / Information Security, Security Studies, or equivalent field experience.
- Working knowledge of common information security management frameworks, such as ISO/IEC 27001.
- Working knowledge of the technology and services employed in AWS Cloud environments.
- Results orientation with proven ability to mobilize and energize large, complex cross-functional teams to implement creative out of the box solutions.
- Proven ability to work and communicate effectively with teams from different fields of expertise.
- Working knowledge of the information security industry’s best practices on Cloud based environments.