\n
Client<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span>
<\/p>\n
<\/p>\n <\/div>\n
\n
\n
A new ICG local government client is looking for a <\/span><\/span><\/span><\/span><\/span>Cyber Security Consultant<\/b> <\/span>to work with their CIO to undertake an audit of current practices and provide pragmatic recommendations and trade\-offs for an improved situation, including governance and implementation strategy. Today, attacks on local government involve identity and financial theft, exfiltration of information, and extortion using ransomware.<\/span><\/span><\/span><\/span>
\n <\/div>\n \n
\n <\/div>\n
\n
The successful accredited professional will be accountable for:<\/span><\/span><\/span>
\n <\/div>\n \n - Conducting an audit of current practices and risks for an organization of 700 FTE's and 200 contractors, 12 locations, 5 websites and one ticketing site;<\/span><\/span><\/span>
<\/li>\n - Review governance, policies, and daily practices of users and their managers, executive and council;<\/span><\/span><\/span>
<\/li>\n - Understanding of a pragmatic cyber security framework specific to local government that gives the ability to manage and reduce organisational cyber security related risk; <\/span><\/span><\/span>
<\/li>\n - Familiarisation with other notable local government cyber security strategies to identify acknowledged best practices;<\/span><\/span>
<\/li>\n - Create a risk profile for the organization - current state and proposed;<\/span><\/span><\/span>
<\/li>\n - Familiarization with expense budgeting processes and how recommendations can be funded, with appropriate prioritization and related trade\-offs;<\/span><\/span><\/span>
<\/li>\n - Create a high\-level improvement plan for asset protection that includes:<\/span><\/span><\/span>
<\/li>\n <\/ul> <\/span> <\/span><\/span>\- <\/span><\/span>Current and future target risk and maturity profile<\/span><\/span>\n <\/div>\n \n
<\/span> <\/span><\/span>\- Security practice size\/shape<\/span><\/span>
\n <\/div>\n \n
<\/span> <\/span><\/span>\- Risks and opportunities for customer facing, business network and <\/span>control systems <\/span><\/span>
\n <\/div>\n \n
<\/span> <\/span><\/span>\- Governance opportunities <\/span><\/span>
\n <\/div>\n \n
<\/span> <\/span><\/span>\- Education and training opportunities<\/span><\/span>
\n <\/div>\n \n
<\/span><\/span><\/span>\- Changes to current security footing as it relates to the environment<\/span><\/span>
\n <\/div>\n \n
\n - Provide a risk\-weighted implementation plan as part of the overall recommendations<\/span><\/span>
<\/li>\n <\/ul>\n <\/div>\n \n
\n <\/div>\n
\n
\n
\n
Role<\/span><\/span><\/span><\/span><\/span><\/span><\/span>
\n <\/div>\n \n
\n
<\/span><\/span>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n \n
\n
\n
\n
\n
\n \n
Cyber Security Consultant <\/span><\/span><\/b><\/span>
\n <\/div><\/span>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n \n
\n <\/div>\n
\n
Our client is a local government entity in New Zealand.<\/span><\/span>
\n <\/div>\n \n
\n <\/div>\n
\n
As a government entity there are a wide variety of internet\-based interactions taking place daily, involving a large number of employees across several departments and locations, contractors working on behalf of the organization, and the participation of the broader public in website and email exchanges. <\/span><\/span>
\n <\/div>\n \n
\n <\/div>\n
\n
Our client seeks a cyber security audit and risk assessment, to include high\-level recommendations for addressing risks within budget constraints. <\/span><\/span>
\n <\/div>\n \n
\n <\/div>\n
\n
The successful accredited professional will have deep experience in Cyber Security auditing, risk assessment and mitigation strategies, with an ability to understand complex organisations and their ICT footprint, and a propensity for pragmatic solutioning.<\/span><\/span>
\n <\/div>\n \n
\n <\/div>\n
\n
Ideally the accredited professional will have significant experience in:<\/span><\/span><\/span>
\n <\/div>\n \n
\n - 5+ years as a management consultant or industry executive<\/span><\/span><\/span>
<\/li>\n - The New Zealand Information Security Manual (NZISM) on information assurance and information systems security<\/span><\/span><\/span>
<\/li>\n - CISM, CISA orCISSP professional designation preferred<\/span><\/span><\/span>
<\/li>\n - Complex multi\-business, multi\-geography enterprises<\/span><\/span><\/span>
<\/li>\n - Cyber security experience in an executive and consulting role, in North America or Europe, Australia and New Zealand<\/span><\/span><\/span><\/span>
<\/li>\n - Dealing with a variety of regulatory stakeholders <\/span><\/span><\/span><\/span><\/span>
<\/li>\n <\/ul>\n \n
\n <\/div>\n <\/div>\n
\n
\n
\n
\n
\n
\n \n
Logistics, Location & Rate<\/span><\/span><\/span><\/span>
\n <\/div><\/span>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n \n
\n
\n
\n
\n
\n
\n <\/div>\n
\n
Logistics:<\/b> <\/span><\/span>The engagement will commence on or about 3 February 2020 and last 4\-6 weeks.<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span>
\n <\/div>\n \n
<\/span><\/span><\/span><\/span><\/span><\/span><\/span>\n <\/div>\n \n
Location: <\/b><\/span><\/span><\/span>The client location is on the North Island of New Zealand<\/span><\/span><\/span><\/span><\/b><\/span><\/span><\/span><\/span><\/span>
\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n