News

Creating opportunity through a strong presence in the GRC/Security Job Market

Event Date / Time: 12th March 2019 – 5:30pm to 8:00pm (AEDT)

In the ever-changing Security and GRC job market there are many ideas as to how to highlight your achievements to a potential employer in the most effective manner; How we can be as impactful as possible through –

  • Job Sites ?
  • Linkedin?
  • Applying directly?
  • Certifications that are relevant?
  • Certifications that will be valid in years to come?

Questions such as these fill the job market at both ends of the scale, for both senior and junior roles, and often come back with inconsistent and even inaccurate answers. Over the past year there has been a significant trend upwards in the Security & GRC market sectors and to make the most of an opportunity you need to be prepared.

In the presentation outlined we will explore and attempt to answer many questions and speak to industry professionals, recruiters and hiring managers alike about what they are seeing in the market, what they look for, what they view as irrelevant and what makes your profile shine.

We will cover topics such as:

  • Linkedin Profiles
  • CV’s
  • Interview styles
  • Interview preparation vs over preparation
  • Candidate/ Client Journey
  • Internal Processes and what they mean for you.

The ISACA Melbourne Chapter invites you to join us a Robert Walters offices, for an informative evening to provide visibility into an ever-changing Security and GRC recruitment market.

CPE Hours

1.5 hours, based on the assumption you have signed the attendance sheet when attending

 

Registration and Admittance

•             Due to our sponsoring partner’s facilities, access requirements and for catering purposes, we request that you register for this event to ensure you are able to attend.

•             Registration to this session is open and free of charge to all current and prospective ISACA members.

•             A registration door prize will be drawn from the list of duly registered attendees.

Agenda

·       5.30pm – Registration and session sign-in – required to receive applicable CPE credits

·       6:00pm – START – Welcome, Introductions, Agenda

·       6:05pm – Monthly PD Session, Questions & Answers

·       6:50pm – The Soapbox – Chapter Updates, Announcements and Issues of interest to members

·       7:00pm – 15min Topic presentation

·       7:15pm – Networking opportunity – drinks and finger food to be served

·       8.00pm – Event Ends

About the Speakers

Dhananjaya Naronikar

A Senior Cyber, Data, Cloud and Architecture professional with over 21+ years experience. Sought after as a speaker and career mentor, Dhananjaya is currently engaged with ANZ Bank and has previously worked with CQR, Verizon, Deloitte, Accenture, etc. in various leadership capacities. Current career highlights include Head of Cyber Security & Privacy Advisory at SXiQ, President and Chair at (ISC)2 Melbourne Chapter, a self-made entrepreneur, and a mentor for budding talent in the Data Protection & Cyber Security space.

 

John Mabbott

 

An experienced Security and Fraud Leader of 20 years with a technical design/development background who has a demonstrated track record of leading successful Security projects and consulting engagements, and who has extensive experience in the risk/control assurance and trading/quantitative analytics domains both within Australia and internationally. Currently the Head of Enterprise Security and Fraud for Vanguard Investments, John is building a Security program that has an Asia Pacific span including SOC Teams, Security Assurance and Threat Intel teams, as well as strategic alignments with HQ in the United States.

 

The Weakest Link – Managing Supplier and Third Party Risk

Third party vendors and suppliers often have access to your network and your organisation’s confidential information. The best way to prevent a data breach is to have robust program to assess how your third parties are managing their risk and protecting your data. Organisations must have a clear understanding of the risks inherent in their business relationships with third parties. Continually assessing your vendors is the best way to manage your third party risk. How should you approach managing third party risk?

This presentation will cover the following topics:

·         Discuss the major failings of traditional third party risk management programs

·         Creating a supply chain awareness program

·         Creating a comprehensive catalogue of vendors and suppliers

·         Risk based segmentation of identified vendors and suppliers

·         Risk assessment and rules based due diligence activities

·         The key contractual clauses all contracts with third parties should contain and why

·         Methods for continuous monitoring

·         A model for a comprehensive process to effectively and efficiently manage third party risk

 

Third party actors often directly interact with sensitive data and business processes– organisations have been forced to adopt new controls, tactics, and technology to shield their enterprise from cyber threats.

 

CPE Hours

1.5 hours, based on the assumption you have signed the attendance sheet when attending

 

Registration and Admittance

•           Due to our sponsoring partner’s facilities, access requirements and for catering purposes, we request that you register for this event to ensure you are able to attend.

•           Registration to this session is open and free of charge to all current ISACA members.

•           A registration door prize will be drawn from the list of duly registered attendees.

Agenda

  • 5.30pm – Registration and session sign-in – required to receive applicable CPE credits
  • 6:00pm – START – Welcome, Introductions, Agenda
  • 6:05pm – Monthly PD Session, Questions & Answers
  • 6:50pm – The Soapbox – Chapter Updates, Announcements and Issues of interest to members
  • 7:00pm – 15min Topic presentation
  • 7:15pm – Networking opportunity – drinks and finger food to be served
  • 8.00pm – Event Ends

About the Speaker

Wayne Tufek

Director, CyberRisk

www.cyber-risk.com.au

Professional background

For over 20 years he has formulated pragmatic, business driven strategies to establish, execute and improve cyber risk management in ASX listed companies and some of Australia’s largest organisations across the public sector, Big 4, financial services, consumer products, education and retail sectors. Wayne is a member of Chartered Accountants Australia and New Zealand and holds the SABSA SCF, CISSP, CRISC, CISM, CISA, PCI QSA and ISO/IEC 27001 Lead Implementer qualifications. He is frequently asked to present at security conferences and events in Australia and internationally including the Australian Cyber Security Centre Conference, AusCERT, RSA APJ and CeBit.

 

Threat modelling approaches

This months PD session talk will cover different approaches of threat modelling such as STRIDE, ATASM, PASTA.  We will also look at the benefits of this approach as well as approaches for including threat modelling into Agile development, security testing and security assurance.  Lastly we will explore some tools used for threat modelling such as the Microsoft Threat modelling tool and OWASP Threat dragon with a live example.

CPE Hours

1.5 hours, based on the assumption you have signed the attendance sheet when attending

 

Registration and Admittance

•           Due to our sponsoring partner’s facilities, access requirements and for catering purposes, we request that you register for this event to ensure you are able to attend.

•           Registration to this session is open and free of charge to all current and prospective ISACA members.

•           A registration door prize will be drawn from the list of duly registered attendees.

 

Agenda

 

·         5.30pm – Registration and session sign-in – required to receive applicable CPE credits

·         6:00pm – START – Welcome, Introductions, Agenda

·         6:05pm – Monthly PD Session, Questions & Answers

·         6:50pm – The Soapbox – Chapter Updates, Announcements and Issues of interest to members

·         7:00pm – 15min Topic presentation

·         7:15pm – Networking opportunity – drinks and finger food to be served

·         8.00pm – Event Ends

Location

EY Melbourne Office – 8 Exhibition St Melbourne VIC 3000

 

About the Speaker

Rahul Lobo

Rahul Lobo is a Director in EY’s Financial Services Cyber team and is focussed on Security Architecture, Threat Modelling and Security Testing. He is a CISSP, ISSAP, CISA, SABSA SCF, OSCP, AWS Cloud Architect and CREST Registered Tester.