We have an ongoing opportunity for a Governance, Risk & Compliance (GRC) and Vulnerability Management (VM) Manager to join our team delivering comprehensive cybersecurity services in support of the Australian Defence Force.
This role requires an understanding of the end user's needs and the ability to provide cyber security assurance and advisory services in a secure environment, and it has scope for you to improve the customer's operational capabilities. You will head the GRC and VM areas for our customer's networks and be responsible for ensuring compliance with the applicable Information Assurance (IA) frameworks, policies and standards, with a particular focus on the Information Security Manual (ISM) and the Defence Security Principles Framework (DSPF). You will also support cyber security risk management activities, including the assessment and mitigation of vulnerabilities exploitable by relevant threats. Your responsibilities will include the following:
- Support the customer in the ongoing governance of the cyber security services across multiple networks.
- People leadership and management of the GRC and VM teams.
- Accountability for the GRC and VM functions and delivery of artefacts.
- Perform and investigate internal and external information security risk and exception assessments; assess incidents, vulnerability management, scan results, patching status and secure baselines, and report compliance status to the customer.
- Implement the risk management framework, including management of the Cyber Security Risk Register, ensuring documented and sustainable compliance that maintains and advances the security of the environments.
- Evaluate risks, and develop and implement security standards, procedures and controls to manage them.
- Quality assure GRC components of artefacts, reports, and other outputs.
- Review and update policies, standards and processes for accuracy, completeness, and currency.
- Improve the security posture through process improvement, policy, automation and the continuous evolution of capabilities.
- Conduct day-to-day reviews of operational security challenges and provide input into change control.
- Assess, report on and track vulnerabilities so that stakeholders understand the associated risks, gaps and remediation activities required, in collaboration with industry partners.
- Manage the ongoing accreditation of the networks, including routine document reviews and the development and/or review of supporting artefacts such as the System Risk Management Plan (SRMP), System Security Plan (SSP), SSP Annex (SSP-A) and Standard Operating Procedures (SOPs).
- Professional development of team members.
- Management of multiple stakeholders.