Information Security Manager
Spark
Auckland, NZ
22h ago

Who We Are

Qrious is a solutions business, passionate about leveraging the power of data to enable our customers to grow in intelligence and thrive.

We are the data explorers, innovators and inventors at the edge of technology, striving to connect intelligent information to organisational challenges, for people to use effectively every day.

We enable New Zealand's best and brightest organisations to do more and be better. Every day, we push ourselves and our customers toward greatness.

Qrious Limited is owned by Spark NZ and offers a range of products and consulting services including Data Powered Marketing, Data Platforms, Business Intelligence, Data Warehousing, and Advanced Analytics.

Vision For Role

We are looking for an experienced ISM to own and operate Qrious ISMS and also to provide security consultancy to Qrious teams.

Functional Responsibilities

The functional responsibilities will include :

  • Own the implementation and adherence to policies and standards that guide and support the Qrious information security strategy
  • Communicating with Qrious Leadership Team to ensure support for the information security program
  • Conduct Risk management activities (risk assessment, gap analysis, business impact analysis, etc.) to help the Qrious reach an acceptable level of risk
  • Report significant changes in information risk to appropriate levels of management for acceptance on both a periodic and an event-driven basis.
  • Advising and making recommendations regarding appropriate personnel, physical and technical security controls
  • Managing the information security incident management program to ensure the prevention, detection, containment and correction of security breaches
  • Reporting appropriate metrics to Qrious Leadership Team
  • Managing security incidents and any other security violations
  • Maintaining a Qrious wide information security education and awareness campaign
  • Coordinating with vendors, auditors, executive management and user departments to enhance information security
  • Participating in various audit activities for ISO 27001 and 27701
  • Participate in pre-sales activities
  • Provide information security advice and guidance (e.g., risk analysis, control selection) at Qrious.
  • Experience and Qualifications

  • At least 3+ years' experience in the Governance, Risk and Compliance
  • You must be a highly motived and must be able to work alone if needed
  • You must be able to juggle multiple projects
  • You must have some level of consulting experience
  • You must have some level of client facing experience
  • You should be able to explain complex cybersecurity concepts to anyone
  • University education preferred but if you've the skills then it is not a must have
  • Certifications such as CISM is beneficial but not a must have.
  • Health and Safety

  • Be safe - take all reasonable precautions while at work to ensure your own safety and the safety of your colleagues and the public.
  • Work in a safe manner and follow our health and safety procedures. If you are untrained, not competent or unsure of a task, ask your manager first.
  • Tell us about new hazards, tell your manager or workplace Health and Safety representative / coordinator as soon as possible on the day.
  • Tell us about health and safety events (incidents and accidents), tell your manager or workplace Health and Safety representative / coordinator as soon as possible on the day.
  • Report this job
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form