Information Security Manager
Advertiser: :86 400More jobs from this company
- Job Listing Date
- 1 Jan 2020
- Sydney, CBD, Inner West & Eastern Suburbs
- Work Type
- Full Time
- Information & Communication Technology, Security
We believe it’s time for a new type of bank. One that steps up and does the right thing by its customers; that puts them first. One that is relevant and meaningful in today’s world.
We’re that new type of bank. We’re digital only, and harness the capabilities of technology, data and artificial intelligence to deliver an entire bank in the palm of your hand. We exist solely to serve our customers - to give them a smarter, more personalised banking experience. We are constantly adapting and evolving to help customers make better, more informed financial decisions. We do things in real time, to bring real value to their lives. We put them first.
And we do this every second, of every minute, of every day. All 86,400 of them. We’re 86 400.
Your purpose is to lead information security design, deployment and management of secure solutions, in accordance with security standards. You treat information as preciously as if it were cash and you scrupulously respect customer and staff confidentiality. You seek out weaknesses in our systems and capabilities that could be exploited and seek to close or narrow those gaps. You provide a second line of defence for our information security, challenging your first line operationally deployed counterparts to ensure they do the best job they can in this area.
The position is responsible for Information Security throughout 86 400. This role reports to the CRO and has a dotted reporting line to the CIO.
HOW YOU’LL SPEND YOUR TIME AT 86,400
While you should be able to work across all aspects of the Digital Bank (including deposit and lending products) your primary focus will be to ensure we have processes in place to ensure our systems are secure.
Your key tasks will include:
- Define and maintain IT security policies and procedures for a digital bank
- Monitor the external threat environment for emerging threats and advise relevant stakeholders on appropriate courses of action
- Develop, implement and monitor a strategic, comprehensive IT security management programme
- Analyse and make security recommendations to improve network, system and application architectures
- Recommend security controls for mitigating technical and business risk
- Conduct periodic audits to ensure compliance with key controls
- Provide security advice on change management process
- Responsible for Vulnerability management and facilitation of penetration testing.
- Responsible for User awareness training and phishing campaigns
- Prepare and present timely updates and reporting to executive management, the board, and regulators
- Coordinate all IT governance activities, ensuring the timely completion of internal compliance and regulatory requirements.
- Mentor and guide IT security analyst
WHAT MAKES YOU TICK
- You thrive in fast paced, ever changing working environments
- You communicate openly, quickly, transparently and clearly
- You can effectively manage change, and assess the impact of change on requirements and impact on delivery
- You can effectively manage conflict and issues to resolution
- You can manage conflicting priorities quickly and effectively
- You can easily adapt to a changing environment, and maintain a high level of personal resiliency
- You can create clarity out of ambiguity to deliver outcomes
- You enjoy multi-tasking, and enjoy variety in your workday
WHAT YOU WILL BRING TO 86 400
- 10+ years’ experience in IT security management positions within the Banking or Finance sector
- Extensive experience in SIEM, Security Analytics, AV, Log Management
- Strong knowledge of security standards including ISO27001 COBIT and Risk Management
- Broad knowledge of Security technologies and products (e.g. SIEM systems, security analytics, end-point protection solutions, firewall technology, IPS, WAF, FIM etc.)
- Demonstrated experience managing IT audits and cybersecurity risk assessments across IT environments, projects, and third parties.
- Self-starter with energy, passion and drive
- Experience in PCI DSS environment
- Experience with Security Architecture and Engineering and general security consulting
- Proven ability to work with regulatory, legal and security best practices including Australian Prudential Regulation Authority (APRA),
Your technical expertise:
- Good business planning, analytical and conceptual skills
- Strong skills with Confluence and Microsoft Security and Compliance Centre
- Appropriate tertiary qualification in Engineering, Computer Science, Information Technology / Systems or equivalent relevant experience
- Industry certifications, such as CISA, CISSP, or CISM
VALUES. EVERY SECOND
- Customer. Customer. Customer - We put the customer’s best interests at the forefront of everything we do. We believe financial success will follow customer success.
- Agile and Brave - Constantly collaborating in new ways to create something genuinely innovative.
- Value Each Other - We respect everyone’s contribution, embracing a common goal and championing individuality.
- Frank and Authentic - A high performing team who say what we mean and mean what we say to create a strong team culture.
- Show Up - We bring our passion, positivity and sense of fun every day to embrace the challenges of changing the banking game.
If you are looking to look for an innovative company which adds value, then this is the role for you. A competitive package is on offer for the successful candidate.
Please note: No agencies will be accepted in the recruitment of this role. We would like to take this opportunity to thank all candidates for their application. Only candidates who meet the criteria above will be contacted for an interview.
- Which of the following statements best describes your right to work in Australia?
- What's your expected annual base salary?
- How much notice are you required to give your current employer?
- What's your highest level of education?
- How many years' experience do you have working in an agile environment?