Chief Information Security Officer
Senior executive position at Monash University
Senior executive position at Monash University
A message from the Interim Chief Information Officer, Teresa Finlayson
Over the past 60 years, Monash University has developed a global reputation for achieving excellence in teaching and research, working to address the grand challenges of our time.
Monash is a university of transformation, progress and optimism. Our people are our most valued asset, with our academics among the best in the world and our professional staff revolutionising the way we operate as an organisation.
We are also Australia’s largest university with 72,000 students and 17,500 staff across Australian and international locations. Our staff and students reflect the world we are working towards being diverse, inclusive, innovative and sustainable. We keep pace with accelerating changes in the world to sustain our position as a leading global institution. When we see something in the world that needs to be fixed, we #CHANGEIT.
The University’s strategic plan, Focus Monash, aims to strengthen the institutions’ achievements and performance to equip it for a more competitive and globalised future as a truly modern university. The CIO Portfolio underpins this aim and enables the University’s ability to achieve excellence in research and education. Administration at Monash is highly centralised when compared to other universities and organisations. This enables the central information technology function to efficiently and effectively work with other divisions to quickly achieve outcomes. The CIO portfolio includes all traditional and modern IT functions, information security and risk, business intelligence and analytics, ICT strategic initiatives that transform business functions across the University, Records and Archives, Information Management and two business functions: Monash Connect that services our future and current student enquiries and our internal staffing agency, Flexible Administrative Services Team.
The secure flow of information across the institutions’ systems is essential for the University to be able to operate sustainably, and information and technology security and risk is a critical competency for the institution. Monash is scaling cybersecurity awareness initiatives to embed best practice across the University and drive a cultural shift towards recognition and ownership of emerging security risks.
We are seeking an experienced Chief Information Security Officer; who will work closely with the Office of General Council, Privacy and other key university functions; to continue to uplift Monash’s security culture and awareness, strengthen security monitoring and incident management, and optimise the University’s IT risk posture.
At Monash, you will find a culture of collaboration and innovation, and work with colleagues who are committed to supporting the University to make a significant impact on the world.
If you share this passion and vision, I invite you to apply for the role of Chief Information Security Officer and join us as we build the Monash of the future.
At Monash we have a lot to be proud of:
We are characterised by the people who work here with:
As a team we are inspired by, and driven to achieve the goals outlined in our strategic plan Focus Monash, which articulates the goals that will shape our future to 2020 and beyond – to be Excellent, International, Enterprising and Inclusive.
To undertake research and education of the highest international quality that addresses the great challenges of our age.
To build the strength, networks and scale of our international research and education across campuses and faculties to ensure they respond to the issues and opportunities of our region and the world.
To build enduring partnerships with industry, government and other organisations that will enrich our ability to innovate, to infuse our students and staff with enterprising capabilities and provide opportunities to apply our research to make a significant impact for the betterment of our communities.
To seek talented students and staff, irrespective of social or economic circumstances, and build a connected community of students and staff in a diverse University that is deeply engaged with the wider community.
We are the only Group of Eight university to be accredited as an Employer of Choice for Gender Equality from the Workplace Gender Equality Agency.
The CIO portfolio is the largest non-faculty portfolio at the University and is leading substantial technological, service, cultural and organisational reform for Monash across domestic and international campuses and entities.
At Monash, technology is already firmly embedded in every aspect of the University’s operations and services, and the University’s rolling three-year ICT Plan is a key enabler to realising our strategic objectives and collective priorities. Our ICT Plan reflects a balance between our appetite for innovation, and the need for ongoing delivery and support of core services required for reliable operation of the University’s research, education and administration platforms.
The CIO portfolio takes a collaborative approach to working with all areas of the University, co-locating staff in portfolios and faculties to best understand our business partners, support their business priorities and position staff as ambassadors. This is supported by stakeholder relations and change management measures, face-to-face meetings with key stakeholders, and participation at leadership retreats and workshops. The establishment of a customer centric culture across the delivery teams has also been a key enabler.
With more than 17,000 employees, engagement and communication is key to providing the broader Monash community with visibility and transparency of the CIO portfolio’s work, how it enables individuals and departments in their roles, underpins the achievement of the University’s objectives and ultimately supports Monash to have a bigger global impact.
The Chief Information Security Officer (CISO) reports to the Chief Information Officer (CIO) and is responsible for the development and delivery of the University’s information security strategy and practice and leads and directs the IT Security & Risk team. This includes leading, coordinating, directing and reviewing the university-wide strategic and operational activities in the digital and IT security and risk area. This includes projects, strategic direction and planning, reporting, business improvement, performance measurement, and budget.
This position requires an experienced, energetic, engaging and visionary leader to lead an exciting, vibrant community of information technology professionals in protecting Monash and its array of digital assets. This in turn allowing Monash University to succeed in its mission to provide international excellence in both research and education.
Digital and information technology plays a vital and ever-expanding role in the University’s mission. The information technology environment is complex - highly distributed and diverse. The University’s Chief Information Security Officer (CISO) is therefore critical to ensure the design and implementation of a university-wide vision & strategy resulting in appropriate action planning that will ensure Monash University’s Information Security both now and into the future.
The CISO is a member of the CIO leadership team and serves a key role in University leadership, engaging and working closely with senior internal and external stakeholders on complex and sensitive issues. The CISO engages and advises a range of senior stakeholders including senior Monash administration, academic leaders, General Counsel, Privacy, Enterprise Risk and Compliance and Internal Audit.
The CISO is an advocate for the University's total digital and information security needs and is responsible for the development and delivery of a comprehensive information security strategy to optimise the security posture of the University. The CISO leads the development and implementation of a security program that leverages collaborations and campus-wide resources, facilitates information security governance, advises senior leadership on security direction and resource investments, and designs appropriate policies to manage information security risk. The complexity of this position requires a leadership approach that is engaging, imaginative, and collaborative, with a proven ability to work with other senior leaders to ensure the optimal balance between security considerations and organisational priorities.
The University has engaged Heidrick & Struggles to assist in the recruitment process. For a confidential discussion and to obtain the full information package please contact:
Bill Kett, firstname.lastname@example.org
Applications close: Monday 22 July 2019
For position description, please see below;