Job details

Location
Brisbane
Salary
Up to AU$130000 per annum + plus super
Job Type
Permanent
Ref
34666_1623039823
Contact
Chelsey Costello
Contact email
Email Chelsey
Contact phone
0478 100 161
Posted
10 days ago

Job details

Location
Brisbane
Salary
Up to AU$130000 per annum + plus super
Job Type
Permanent
Ref
34666_1623039823
Contact
Chelsey Costello
Contact email
Email Chelsey
Contact phone
0478 100 161
Posted
10 days ago

Talenza have partnered with a mutual bank on the search and selection of a Security Analyst - Controls Assessor. You will work with internal and external stakeholders to conduct and enhance a comprehensive security controls testing program in accordance with industry, business and regulatory requirements. You will bring a continuous improvement ethos, identifying and readily actioning areas for development to elevate the bank's compliance program to a new standard of excellence.

Success in this role will see the Security Analyst - Controls Assessor responsible for maturation of the compliance program with measurable, visible improvements that have a positive impact on the entire organisation.

The Responsibilities

You will have responsibility for a range of Information Security and Controls Testing matters, including (but not limited to):

  • Develop methods to monitor and measure risk, compliance and assurance efforts, and develop specifications to ensure that these conform with requirements at the application, system and network environment level

  • Draft statements of preliminary or residual security risks for security control operation

  • Undertake Security Risk Assessments in line with the bank's Risk Management Framework

  • Perform risk analysis and security posture verification for application / system / network security, including remediation work

  • Identify threats and vulnerabilities related to the Bank's information assets in order to quantify risks to the Bank

  • Perform controls testing in line with the bank's Controls Testing Framework

  • Assess effectiveness of security controls - perform security review to identify gaps in security architecture for inclusion in risk mitigation strategy and to develop a Security Risk Management Plan

  • Post-incident reviews, implementing lessons learned in order to improve the Bank's overall security posture and maturity

The Requirements

You are someone with an innovative streak, who loves keeping up-to-date on current and emerging trends, technologies and security threats and takes proactive steps to continue building your knowledge (conferences, training and multimedia research). You have strong written and spoken communication skills are essential to this role, in particular the commercial acumen to adjust your communication style and interpret technical information in a manner that is understandable, relatable and conveys true value to stakeholders from different parts of the business. Naturally, a role of this nature requires familiarity with security controls testing / validation procedures and, accordingly, a high level of attention to detail with an inquisitive and investigative mindset.

Required

  • Bachelor's degree in Computer Science or related discipline and / or equivalent work experience and/or relevant industry certification(s) or ability to obtain

  • Demonstrable experience and aptitude in an Information Security role in particular controls testing

  • Knowledge of current industry methods for evaluating and implementing IT security assessment, monitoring, detection and remediation tools

  • Knowledge of Risk Management Framework (RMF) requirements

  • Knowledge of network security architecture concepts, including topology, components, protocols and principles

  • Knowledge of cybersecurity principles and organisational requirements

  • Ability to discern protection needs of information systems and networks

  • Knowledge of the Security Assessment and Authorisation process

  • Knowledge of cyber-defence, vulnerability assessment and penetration testing principles, tools and techniques

Desirable

  • CPS234 financial services industry regulations exposure, or ability to obtain

  • A background in audit would be advantageous for this role