IT Security Manager
Datacom, New Zealand
Job Description
Our purpose
Here at Datacom we connect people and technology in order to solve challenges, create opportunities and discover new possibilities for the communities we live in
The Nitty Gritty
We have over 6,200 people across our global offices, and generate an annual revenue of over $1.2 billion, this makes us one of Australasia’s largest professional IT services companies. We have extensive expertise in operating data centres, providing IT services, software engineering and application management, as well as payroll and customer service design and operations. With this comes a long list of significant clients Datacom is committed to hiring, developing and promoting the best talent from a diverse range of backgrounds. We are local at heart, yet world-class in capability.
About The Role
The ITSM role in Datacom is an oversight and trusted advisor role with a strong focus on supporting the internal Datacom organisation in the delivery of Managed Services, Application Services and Products where there are security related matters.
The ITSM role also provides Security Governance, Security Advisory, Security Risk Management, Security Reporting and Security Awareness Training to the internal operations of Datacom.
As per the NZISM (and its associated Australian standard), there are certain requirements that an Information Technology Security Manager needs to meet when an agency engages Datacom for the provision of information technology, platform, application services and functions and this role ensures that those requirements are reflected internally too.
What You’ll Do
- Be the central point of contact for information security matters within the company and will greatly assist with incident response and reporting procedure.
- Be responsible for administrative and process controls relating to information security within the internal Datacom environment as it relates to supporting our customer focussed products and services.
- Liaise with vendors, purchasing and legal areas to establish mutually acceptable information security contracts and service-level agreements suitable for deployment into Datacom’s environments.
- Assist in guiding the disaster recovery planning team in the selection of recovery strategies and the development, testing and maintenance of disaster recovery plans in support of both Datacom and customer requirements.
- Develop technical information materials and workshops on information security trends, threats, good practices and control mechanisms as appropriate and provided the requisite input to the Leadership Team and CRMC at the Board level as appropriate and deliver training to relevant Datacom employees internally
- Control the security operations budget, collaborate with internal teams to determine security needs, then develop, implement comprehensive security strategies
- Provide operational management oversight in the form of monthly reporting that spans across cyber security incidents, [i]server patching, security enhancements and the management of elevated permissions
About You
Along with your team, you will be considered the information security experts and as such their contribution to improving the information security of systems, providing input to ICT projects, assisting other security personnel, contributing to information security training and responding to information security incidents are a core aspect of their work.
You will ideally possess the following skills, experience and attributes
- Significant experience (5+ years) in an IT Security Management role with a particular focus on either the Operational, Policy or Risk amp; Assurance aspect.
- Experience within a large complex organisation is ideal for this role, as is any experience within a Managed Services provider
- Strong knowledge of information security topics and an ability to provide advice for the information security steering committee, change management committee and other agency and inter-agency committees.
- A genuine passion for IT Security and maintaining an up to date security knowledge base comprising of a technical reference library, security advisories and alerts, information on information security trends and practices, and relevant laws, regulations, standards and guidelines.