Security Assurance Analyst at NZ Qualifications Authority, WellingtonSecurity Assurance Analyst – Permanent, Fulltime Are you passionate about ensuring security and risk management is in place in the digital world? Do you have a passion to do Certification and Accreditation (C&A) the right way? Want to take the next step in your risk assurance career?
We're looking for a skilled Information Security Assurance Analyst to join our Security Team in Information Services. This newly created role has been established to lead our Certification & Accreditation (C&A) assurance work and drive security excellence across the organisation.
About the role As an Information Security Assurance Analyst, you will lead a crucial role in maintaining the security and compliance posture across NZQA's IT environment.
The Security Assurance Analyst role will take ownership of the Certification and Accreditation (C&A) work, ensuring that our systems and processes meet regulatory, industry, and internal security standards. You'll work with cross-functional teams to identify and mitigate security risks, implement controls, and maintain compliance with frameworks such as NZISM, ISO 27001, and NIST. This role is essential in strengthening our cybersecurity posture and you'll be pivotal in creating a culture of security awareness through the programme of work.
Key responsibilities Maintain the organisation's C&A assurance program, aligning with security and compliance frameworksImplement security controls and document C&A processes to meet regulatory and industry standardsIdentify, analyse, and assess security risks associated with organisational IT systems and processes.Recommend, implement, and monitor security controls to mitigate these risks effectively.Conduct regular audits and reviews to ensure compliance with internal policies and industry standardsWho we are looking for Expertise in information security best practices, risk management, and complianceExperience with frameworks such as NZISM, ISO 27001, and NISTCertifications such as CISSP, CISM, or CISA preferredA collaborative approach, excellent communication skills, and a passion for cybersecurityConfidence in managing multiple stakeholders, both internal and external.Drive and confidence to take ownership of problems.What we can offer: A supportive teamA role with lots of varietyDevelopment and career progression opportunitiesApplications close at 5.00 pm on 3 December 2024.
#J-18808-Ljbffr