Primary Objective: Assist with strategic direction, ongoing management and technical oversight of Aristocrat’s Global IT Security Technology and Information Security management processes and controls.
- Contributes to framework and definition of the organisation's overall security strategy and develops associated policies for implementation.
- Participates in the design and implementation of physical, logical and environmental strategies and implements plans in concert with the regional facilities managers.
- Provides guidance, oversight and input to IT Project Management teams and ensures IT Projects have effective risk management processes, security provisions and comply with risk management standards, including providing leadership of risk management on major projects.
- Prepares design and functional elements of the security aspects of IT related Projects – responsible for delivery and implementation of technology.
- Work with the Global IT Service Delivery Manager to ensure that Support processes comply with risk management standards.
- Responsible for providing training and communication with all areas of the business to ensure that Security Risk Management is aligned to the needs of the business and that the business understands the role of Security and IT Risk Management in ensuring compliance with Corporate Risk Management principles and policies and general good business practice.
- Work with the Global Infrastructure Solutions Engineers to develop and establish realistic plans to align Security Infrastructure (networks, firewalls, and communications) and Applications (software, databases) with the security strategy.
- Manage the implementation of processes and controls to ensure compliance with IT Security Policy framework, including recommendations for supporting toolsets and configurations.
- Develop and maintain the documentation required to ensure and demonstrate compliance with Risk Mgt and Security policies and standards.
- Directly provide user communication and education plans as required to ensure effective IT Security.
- Manage the IT Group’s response to Internal and External Audit recommendations.
- Assist with Forecasting and manageing the organisation's IT Security operational and capital expenditure.
- Reporting to Senior Management and the Risk & audit Committee on any significant breaches of organisational IT Security.
- Maintaining an up-to-date knowledge of potential threats to IT Security.
- Managing and reporting on the ongoing IT Risk audit process.
- Monitoring of compliance to security policies and procedures.
- Ensuring that Aristocrat has adequate Disaster Recovery Plan (DRP) provisions for identified critical systems.
- Provide daily administration and monitoring of Global Infrastructure Security Technologies and provide appropriate delegation and training to Service Desk as needed to maintain and deploy security technology.
- Maintain good working relationships with not only Aristocrat management, but also regional IT staff, outsourced IT service providers and vendors.
Personal Characteristics/ Background/ Experience
- Minimum Bachelors degree in Information Technology with focus on Security Technologies and Methodologies or equivalent IT Security System tertiary qualifications
- At least 8 years experience in IT Security and Risk Management, with 5 or more years functioning at a senior level.
- Demonstrated leadership, commercial and customer focus, experience in a similar role within a large organization.
- Experience with performing technology and root cause investigations, including using forensic analisys and data collection tools.
- At least 10 years experience in IT related disciplines;
- Certified Security Professional, preferably certified to conduct/prepare for audits against ISO 17799/27001 standards.
- Advanced knowledge and highly proficient at troubleshooting and administering IT Security Technologies; including AV/IPS/IDS/DLP firewalls, networks and platforms, preferably certified (CCSE, CNE, MCSE etc..) either currently or previously.
- Strong analytical and problem solving skills and ability to deliver professional documentation and reports on incidents, technology assesments and self-audits
- Value and outcome focused with an global vision of current and future security trends
- Effective communicator with ability to influence management (mid to senior level)
- Positive and engaging personality, with “Can-do” attitude that is decisive and flexible
- The position requires the ability to travel and work nights and weekends
With over 60 years’ experience and over 2,200 staff globally, Aristocrat has built a reputation as a premium supplier of...