The security analyst plays an integral part in the development, implementation, and compliance of technical security across Alinta Energy. The analyst is responsible for managing risks related to information security, physical security, business continuity planning, crisis management, risk management, privacy, and compliance.
In addition, the role ensures all staff across Alinta at all levels are trained on enterprise and security requirements through awareness programs.
You will responsible for:
- Monitor the performance of network, system and application security solutions to identify and bring to attention breaches and potential intrusion incidents
- Investigate minor security breaches within a defined area of responsibility to maintain the compliance with internal security policies
- Develops and implements security standards, processes and procedures, and guidelines for the business
- Develop and implement IT risk management and business continuity plans in conjunction with changing business needs
- Monitor security compliance across the Alinta Energy business ensuring industry and government rules and regulations are adhered to
- Ensures security compliance and meets all service-level agreement requirements
- Reportss security performance against established security metrics
- Maintain up to date knowledge on current and future security threats and vulnerabilities
- Arrange and manage audits and vulnerability test, along with remediation tasks
- Facilitate the update and maintenance of IT Risk register and IT input into the Enterprise Risk Register
- Follow up to ensure risk mitigation actions are completed in accordance with agreed plans
- Facilitate IT input into Alinta Business Continuity Planning
Create an information security awareness program to ensure staff members across the organization understand the trade-off between risk and return
This is an outstanding opportunity to expand your industry experience within a supportive team environment. You will be working autonomously using your own initiative and judgement.
What we're looking for:
- Technical expertise in network/infrastructure security knowledge, to include VPN, Firewall, network monitoring, intrusion detection, web server security, and wireless security.
- Experience in running the information security office analysing and applying information security, risk management, and privacy practices
- Knowledge of national and international regulatory compliances and frameworks
- Ability to react to high pressure dynamic changing environments
- Ability to train security concepts
- Demonstrated skills in understanding business requirements and relating to technology capability; either utilising existing or evaluating alternative technologies
- Ability to gather and analyse user requirements, and guide users towards an appropriate solution
- Understanding of effective change management
- Microsoft Office skills, such as; MS Project, Excel and Vision
- Certified Industry System Security Professional (CISSP)
- Energy Utilities Experience
- Relevant Tertiary qualification