Senior Cyber Governance and Risk AnalystFlexible

• Ability to support and influence some of Australia’s most iconic retail, industrial and health businesses
• Work collaboratively with our cyber security community across the Wesfarmers Group
• Flexible, supportive work environment and work from home options
• Full-time permanent role based in Melbourne (we would consider Perth or Sydney)
• Attractive base salary + super + incentives + team member benefits

About the team

Our Group Cyber Security team is responsible for leading strategy, architecture and risk approaches for cyber security across the Wesfarmers Group to ensure objectives are met and that we operate within risk appetite. In addition, the team coordinates incident response and intelligence activities across the Wesfarmers Group (for significant events) while partnering with our businesses to improve their cyber threat preparedness.

What you’ll do

Reporting to our Cyber Governance, Risk and Oversight Lead, this newly created role will:

• Operate proactively to establish strong and effective relationships with a diverse range of stakeholders
• Support the definition and development of group-level cyber security governance policies, standards and frameworks ensuring they align with overall business objectives and regulatory requirements
• Support the group-level cyber security risk management program
• Collate and analyse data from across our businesses and provide consistent and transparent reporting on key cyber security metrics
• Continuously review and improve group-level cyber security reporting ensuring a consolidated view of all risks, trends and performance
• Stay up to date with emerging trends and best practice to support the alignment of any cyber security governance, risk and oversight activities

What you’ll need

• At least 8 years’ experience in a similar role within a large, complex organisation
• Industry certification in ISO 27001 (Lead Implementer or Auditor)
• Knowledge of FAIR methodology and its practical application in conducting cyber risk quantification
• Knowledge and practical application experience of NIST CSF, NIST 800-53
• Significant experience in establishing a Security Governance Framework including policies, standards etc. aligned with ISO 27001 standard (ISMS)
• Significant experience in conducting security risk assessments
• Strong experience in control frameworks, designing security controls and operating effectiveness criteria for controls testing and assessments
• Experience in designing and evaluating KPI’s and KRI’s for cyber risk reporting
• Well-developed interpersonal and communication skills, including an ability to positively influence key stakeholders
• A naturally inquisitive and analytical mind, and strong ability to problem solve
• Ability to apply critical thinking to identify ongoing opportunities for continuous improvement
• A genuine interest and passion to learn and develop new skills
• Tertiary qualifications in a Computer Science, Software Engineering, Information Technology or a Cyber Security specialisation

Nice to have’s

• Experience in at least two or more industries 

About Wesfarmers

As one of Australia’s largest listed companies, we’re proud of our longstanding contribution to Australians. Wesfarmers’ achievements are deeply rooted in the desire to continually reinvent ourselves for the brands we own and operate, including leading retailers like Bunnings, Kmart, Target, Officeworks and Priceline. We recently expanded our online offer to bring together the Group’s digitally native businesses, including the OnePass membership program, the Catch marketplace, and the Group data asset. Our work doesn’t stop there, we also operate in the industrials sector which supplies the nation with chemicals, energy and fertilisers, and industrial and safety products. And we’re currently developing an integrated lithium project, including mine, concentrator and refinery.

Join the team at Corporate Office which provides support and advice across the Wesfarmers Group

The Corporate Office provides corporate services and support to the autonomous businesses within the Wesfarmers Group, enabling the achievement of Group objectives. It leads capital allocation and portfolio management for the Group and focuses on leveraging and enhancing the Group’s reputation to support attraction and retention of talent, securing investment opportunities and maintaining a low-cost capital. To do this, we need great people, working together and role modelling our values and ways of working.

Our culture

We’re results focused, but we’re a business that cares. Here we are less about titles and more about everyone playing a valuable role. We provide autonomy and space with freedom to operate, quickly learning from mistakes because we know they are part of the way forward. We’re curious, open minded, and collaborative. And although we’re thought leaders, we’re humble, and willing to share knowledge and learn from one another.

We know that diversity fosters greater innovation and better customer connection, so we strive to create an inclusive and diverse work environment. This means promoting the development of our people and fostering a sense of belonging irrespective of gender, ethnicity, generation, flexible work status, family circumstances, sexual orientation or disability.

Next steps

If this sounds like your next career move, then combine your cover letter and resume into one document and click on the ‘Apply’ button by Friday, 31 May 2024. Please note that we may commence interviewing of candidates prior to this closing date.

For brief enquiries please contact Human Resources on (08) 9327 4223.

We’re hiring the best and the brightest talent. Let’s start to explore the possibilities of achieving great things together.

For more information, visit our website at https://www.wesfarmers.com.au/