About the Role

The primary objective of this position is to ensure the organisation's cyber security posture remains robust and compliant with industry standards and regulations. This dynamic role encompasses developing and enforcing the company's cyber security governance framework, managing policies and procedures, overseeing risk assessment and mitigation strategies, ensuring compliance with regulatory requirements, and driving continuous improvement initiatives.

Key accountabilities include:

- Develop and enforce the organisation's cyber security governance framework.
- Oversee the creation, review, and maintenance of cyber security policies, standards, and procedures.
- Lead the identification, assessment, and prioritisation of cyber security risks, and develop risk mitigation strategies.
- Monitor regulatory requirements and industry standards, ensuring compliance and readiness for audits.
- Collaborate with incident response teams to develop and maintain robust incident response plans.
- Develop and deliver cyber security training and awareness programs for employees at all levels of the organisation.
- Establish processes for evaluating and managing cyber security risks associated with third-party vendors.
- Define key performance indicators (KPIs) and metrics to assess the effectiveness of cyber security governance activities.
- Drive continuous improvement initiatives within the cyber security governance function.

Santos provides a range of employee benefits, including career development opportunities, an abundance of professional development courses, a range of health and wellbeing initiatives including free access to an on-site gym and GP services, and flexible work options including access to a 9-day fortnight and work from home arrangements.

About You

We are seeking professionals with the following experience:

- 7+ years' experience in cyber security governance, risk management, and compliance.
- Demonstrated expertise in developing and implementing cyber security governance frameworks, policies, and procedures, particularly in the energy sector.
- Experience conducting risk assessments, identifying vulnerabilities, and implementing risk mitigation strategies.
- Experience leading incident response planning, including developing and testing incident response plans.
- Experience developing and delivering cyber security training and awareness programs.
- Experience in vendor risk management, including evaluating and managing cyber security risks associated with third-party vendors and service providers.
- Proficiency in defining and tracking key performance indicators (KPIs) and metrics to measure the effectiveness of cyber security governance activities.
- Excellent communication and interpersonal skills, with the ability to collaborate effectively across diverse teams and influence stakeholders at all levels of the organisation.

Ideally, you will be degree qualified in Computer Science, Information Security, Cyber Security, or a related field and hold relevant certifications such as CISSP, CISM or equivalent.