Apply for Job

Advisor, Information Security

Ding! Ding! Trams are the heart of Melbourne – join our team and be part of the world’s largest tram network.

Role Purpose

At Yarra Trams, our mission is to deliver world-class transport services to our passengers. In this role, you will contribute to this goal by

Performing Information Security Risk Management activities;
Performing Information Security Compliance activities;
Performing Information Security Remediation activities;
Supporting Information Security Assurance, Governance and Operational activities;
Leading and following safe work practices;

Responsibilities

Prepare reports and communicate with stakeholder (including staff and external parties) the compliance against information security obligations of the Franchise Agreement.
Define and regularly update the Yarra Trams Protective Data Security Plan (PDSP) and monitor the progress of the plan execution.
Ensure alignment of the Yarra Trams Information Security Management System (ISMS) with the legal and regulatory environment.
Ensure Yarra Trams compliance with the Information Security Risk management standards ISO 27005, OVIC Victorian Protective Data Security
Standards (VPDSS), and Security of Critical Infrastructure (SoCI) obligations.
Establish, implement, and maintain The YT Security Risk Profile Assessments (SRPA).
Participate in regular OCMS Risk review meetings and ensure that all relevant OCMS Risk are accurate and up to date.
Trigger Risk reviews and maintain Information Security Risk Register in the Corporate Risk Management System.

Skills & Experience

Tertiary qualifications in Information Technology and/or significant proven experience, relevant to this discipline.
5-10 years’ Experience in OCMS Information Security Management and auditing.
Proven ability to successfully develop, implement, enforce, audit, and continuously improve information security governance frameworks/systems work.
Sound knowledge and understanding of relevant security frameworks, standards, and policies, including the Victorian Protective Data Security Framework (VPDSF), Victorian Protective Data Security Standards (VPDSS) and the Australian Signals Directorate (ASD) guidance tools such as the Information Security Manual (ISM).
Understanding of various Risk Management frameworks such as NIST 800, ISO 27005 and ISO 31000.
Sound understanding of information security and its relationship to organisational risk and enterprise architecture.
Stakeholder engagement skills - Ability to engage with employees at all levels of the business and relevant third parties to identify information security requirements, implement and audit systems of work and recommend mitigations to address information security incidents and hazards.

Why Yarra Trams?

At Yarra Trams, we foster a workplace grounded in respect, celebrating diversity and embracing inclusivity. You’ll also enjoy the following benefits:

A free travel pass for Victoria’s Public Transport Network
Competitive salary and great conditions
Professional development
Career growth opportunities
A commitment to your health and wellbeing including free flu vax, discounted gym membership, and access to our Employee Assistance Program (EAP)
Paid Parental Leave for primary caregivers

About Yarra Trams

Yarra Trams is proudly operated by Yarra Journey Makers, a joint venture between Transdev Australia and John Holland. We work with the Department of Transport and Planning, alongside its transport agencies and operators to provide a fully integrated, sustainable transport service for the people of Melbourne.

We're all Journey Makers, connecting people and communities across Melbourne. We’re committed to caring for each other, our passengers, and the communities we serve. Our Diversity & Inclusion Strategy is a key pillar and as an equal opportunity employer, we value diversity and encourage candidates of all ages, those with disabilities, and people of Aboriginal and Torres Strait Islander heritage to apply.

Please note, our selection process includes pre-employment checks, such as a police check and a medical assessment. Yarra Trams employees are required to adhere to Yarra Trams Policies and Procedures such as, but not limited to, Health and Safety Policy, Equal Employment Opportunity & Workplace Bullying Policy, Drug and Alcohol Management Program Policy (including drug and alcohol testing programs).

If you would like further details about an advertised role, or if you require an adjustment in the application process, or any other information in alternate formats please email careers@yarratrams.com.au or call 1800 800 007

Apply now »

Apply now