Chief Information Security Officer
Job Purpose Flight Centre Travel Group (FCTG) is seeking a forward-looking leader to provide direction for the security technologies and capabilities within its Australian and New Zealand (ANZ) businesses, and drive the regional security practice. The CISO will have a strong understanding of security and privacy principles, and a sound understanding of the regulatory environment affecting the business. The CISO requires a keen understanding of the business drivers affecting security within the company, and leads the design, implementation, operation, and maintenance of the information security management system within the company.
Accountabilities Security Risk Management Work with CIO and Risk to identify risk exposure and manage the security risk to the organisation within the risk appetite Review and evaluate new security technologies and practices for introduction into the organisation to reduce risk Implement a systematic and structured process for the identification and management of security risks Security Governance Review, maintain, and disseminate security policies in line with FCTGâ€™s risk appetite, security strategy, relevant laws and security standards, and best practice Implement, monitor and review security controls in accordance with the organisationâ€™s security policy and business drivers Lead the implementation and management of an internal and external audit and security testing program to validate compliance with security policy Monitor new threats as they evolve and adjust risk management plans and security controls as necessary Assess the security of 3 rd parties with whom FCTG ANZ has a requirement to share information or business processes Ensure regular meaningful security reporting occurs Security Management Lead the design, implementation, operation and maintenance of the information security management system for the ANZ businesses Work with architecture and delivery teams to ensure projects and applications are designed and implemented in line with security policy and best practice Manages FCTG ANZâ€™s business continuity capability and conducts workshops and tests to validate its effectiveness Initiates, facilitates, and promotes security awareness activities across the FCTG ANZ and acquired businesses Liaise with business and project stakeholders as required to provide security guidance and input Integrate security activities in contracts and operational processes, such as development, employment, and procurement Incident Response Manage and maintain Incident Response procedures Supervise the conduct of incident response workshops Assist with incident response to security incidents Ensure security learnings are recorded, and improvement strategies are tracked and delivered Skills and Experience Minimum five yearsâ€™ experience in information security or technical operations role Minimum two yearsâ€™ managerial experience in an information security leadership role In-depth knowledge of Risk....