Manager- Privileged Access Management Response

PAM Response Lead
• You are a cybersecurity control professional with a background in Privileged account management, driving hygiene and cyber response
• We are one of the best and most advanced Cyber Security teams in Australia
 
See yourself in our team:
The Privileged Access Management (PAM) crew plays a crucial function within the Group Security division being responsible for designing and deploying effective PAM capabilities and overseeing continuous improvement of the Group’s PAM controls and risk exposures.
As an organisation with a large IT estate servicing millions of customers everyday, we need to ensure effective mitigations are in place to defend our assets against an ever-evolving cyber threat environment. The PAM Response Lead will drive enforcement of appropriate privileged account usage and liaise with other teams to ensure adoption of the relevant policies and guidelines.
We support our people with the flexibility to balance where work is done with at least half your time each month connecting in office. We also have many other flexible working options available including changing start and finish times, part-time arrangements and job share to name a few. Talk to us about how these arrangements might work for you.
Do work that matters

Working with the PAM Crew Lead and collaborating with Control Leads, the PAM Response lead will focus on:

• Providing subject-matter expertise to Technology Crew Leads, Product Owners  and Service Owners.
• Contributing to and driving the strategic roadmap for privileged user access monitoring control capabilities, overseeing control operation, and supporting delivery of control remediation to achieve target risk outcomes.
• Establishing and maintaining privileged account management control standards to align with changes in industry standards, technology strategy and threat intelligence.
• Governing the Group’s compliance with PAM control requirements and supporting the business in tracking remediation of privileged user access events and improvement of overall risk posture.

You will also:

• Ensure privileged user access monitoring operations adhere to the information security policies and identity standards
• Build and run the responder model to investigate any incidents of unauthorized or suspicious activity.
• Carry out annual effectiveness assessments and drive appropriate risk remediation to address identified control weaknesses.
• Continuously evolve the Privileged User Access Monitoring capability to align to the latest threats to the Group (both internal and external)

We are interested in hearing from people who:

• Are knowledgeable about cyber threats and vulnerabilities relevant to user access monitoring.
• Can analyse threat intelligence, identify potential risks, prioritise use cases, and recommend appropriate mitigations.
• Experience with Splunk toolsets (Essential)
• Proficiency in user access monitoring tools (e.g., SOAR)
• Experience with PAM toolsets (CyberArk)
• Understanding of automation and self service capability development
• Strong communication and collaboration skills and proven ability to manage complex work and lead cross-function teams
• Embody the leadership principle of ‘Curious and Humble’ by being willing to speak up and challenge the status quo, and continually expanding their skills and knowledge.
• Can operate effectively in an agile working environment exemplifying high degrees of autonomy and self-initiative to achieve target outcomes.
• Have demonstrated ability to engage and influence stakeholders to build rapport, obtain buy-in and achieve target outcomes.

• Experience with data visualisation tools (e.g., Power BI, Tableau) and proficiency in creating executive-level dashboards and reports.
• Security certifications: CISSP, CISM, or CRISC.(Desirable)

Advertising End Date: 23/02/2025