Business Information Security Officer

What you’ll do

• Develop and maintain in depth understanding of the Commercial segment’s processes, systems, technologies, data, customers, consumers, partners.

• Act as the primary local security contact / advisor for key stakeholders within the Commercial segment.

• Advise Security Leadership in decision making for and affecting the Commercial segment.

• Analyse and manage security compliance requirements based on industry standards, national and international regulatory framework and internal policy framework.

• Proactively identify non-conformities and areas of potential improvement and facilitate development of pragmatic solutions to address issues, utilizing the security assessments and observations processes.

• Engage with clients and customers as needed to assist the business to achieve its objectives with pre and post sales activities (e.g. explain our security program, support external audits, support bids/RFP process, assist in customer communication of security incident, etc).

• Participate in BU related conferences, client facing engagement, industry forums to represent the Security program.

• Provide regular and timely reporting on the status of information security across the Commercial segment.

What experience you need 

• 5+ years experience within the security industry.

• Bachelor’s degree or an equivalent combination of education and experience required.

• Strong communication and presentation skills demonstrated by your experience in presenting and communicating at all levels within the organization and senior management. An ability to translate complex technical security concepts into business-friendly communications, especially covering cloud usage.

• Ability to independently influence others in order to achieve objectives.

• Ability to work collaboratively within a team as well as independently and autonomously, and engage stakeholders as required, to own and carry on end-to-end projects and initiatives.

• Strong ability to build and maintain trusting relationships with internal and external customers and

• always demonstrate good judgment, integrity and actively collaborates and commits to the success of others.

• Knowledge and experience of Information Security Risk and Security governance.

• A solid understanding of security best practices and international standards such as ISO2700 and PCI DSS and NIST.

• Demonstrable experience of driving operational implementation of policies and processes.  

  What could set you apart

• Previous experience as a Business Information Security Officer (BISO).

• Experience working in a matrix environment with globally diverse team members.

• Experience with Google Cloud (GCP).

• Previous experience working with external clients.

• Experience participating in IT Security audits, working with auditors..

• Experience obtaining or maintaining compliance certifications such as SOC2, PCI, ISO 27001.

• Understanding of cyber risks in the banking/ financial services sector.

• CISM, CISSP or related certification is a strong plus.

Primary Location:

AUS-Sydney-Blue-Street

Function:

Function - Security Governance and Compliance

Schedule:

Full time