Cyber Risk Advisor
Perth, WA, AU
Applications have closed
Fortescue
Welcome to Fortescue. We're a global green energy and metals company.About Us
Fortescue is both a proud West Australian company and a global green solutions business. We are recognised for our culture, innovation and industry-leading development of infrastructure, mining assets and green energy initiatives.
Our Opportunity
Work Location: Perth. Perth, Western Australia. Fortescue’s Perth office is located on the traditional lands of the Whadjuk people.
Roster: Monday to Friday
The Cyber Security team is responsible for leading Fortescue's efforts to be a cyber resilient, safe and trusted organisation, by effectively managing risk across all assets enabled through technology (informational, industrial and operational)
Reporting to the Superintendent of Cyber Risk Advisory, the role will be responsible for protecting Fortescue’s information technology (IT) and operational technology (OT) environment through compliance with all applicable configuration standards and best practice frameworks for any cyber risk assessment and assurance activities, performing Threat Assessments and Modelling activities, cyber security reviews, development of Security patterns and assisting with incident response activities
Key Responsibilities
- Carries out cyber security risk management activities within a specific function, technical area, or project of medium complexity.
- Identifies cyber risks and vulnerabilities, assesses their impact and probability, develops mitigation strategies and reports to the business.
- Involves specialists and domain experts as necessary.
- Maintains documentation of risks, threats, vulnerabilities, and mitigation actions.
- Advises on Fortescue’s approach to cyber risk management related to corporate and/or Operation Technology domains.
- Identifies typical risk indicators and explains prevention measures.
- Identifies risk mitigation measures required in addition to the standard organisation or domain measures.
- Develop security patterns for key technologies based on threat modelling.
- Reviews and performs cyber risk assessments and risk treatment plans. Identifies typical risk indicators and explains prevention measures.
Qualifications and Experience
- Degree / Diploma / Certificate in Information Technology, Computer Science, Electrical Engineering, mechatronics, or a related discipline.
- General or specific Cyber Security certifications e.g. CCNA, CISSP, GSEC, GRID, GICSP, OSCP CEH, CISM etc.;
- Degree / Diploma / Certificate in information systems management, business administration, or a related discipline would be beneficial.
- Independent judgement and strong decision-making capabilities;
- An ability to communicate complex and technical issues to diverse audiences at all levels;
- An understanding of organizational mission, values, and goals and consistent application of this knowledge;
- Ability to react to high pressure dynamic changing environments;
- Ability to effectively work independently or as part of a team.
Our Commitment
Fortescue is deeply committed to providing a safe culture that builds respect, fosters inclusiveness, and values diversity. We celebrate individual strengths and team members from all backgrounds are encouraged to bring their whole selves to work. Our global workforce drives and promotes an inclusive culture, both within our organisation and throughout the communities we interact with across the world. Diverse backgrounds include First Nations Peoples, people with differing abilities, LGBTIQ+ community, gender, neurodiverse, cultural diversity, all age groups, and those with an intersectional or multiple diverse characteristics. We encourage candidates from all backgrounds to apply.
https://fortescue.com/careers
Internal Candidates / Current Contractors please apply via Success Factors Careers Portal. For further information on how to apply please visit the Fortescue Hub.
Fortescue reserves the right to close applications early should a suitable pool of candidates be identified. Fortescue will never contact you to ask for payment of any kind, whether directly or through a third party.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CEH CISM CISSP Compliance Computer Science GICSP GSEC Incident response Industrial OSCP Risk assessment Risk management Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Information System Security Officer jobs
- Open Security Consultant jobs
- Open Information Systems Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Security Architect jobs
- Open CISA-related jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open Security Clearance-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open SQL-related jobs
- Open PowerShell-related jobs