Head of Security

Sydney

 

Before “fintech” was a thing, our founders were dreaming up new ways to transform banking, simplifying the customer journey and the employee experience.

More than 25 years later, Sandstone Technology is still leading the charge, innovating and evolving as the industry evolves. Our high client retention rate is our proudest achievement, with 35+ financial institutions across Australia, New Zealand, Asia and the United Kingdom placing their trust in our solutions.

From digital banking and digital onboarding to origination and AI-based data analysis, with cloud-based or on-premise deployment, we create flexible, robust, end-to-end solutions using a multi-channel approach that gets our clients to market faster.

 

The Role

Sandstone is currently on the lookout for a Head of Security to manage a dedicated team of Cyber Security Professionals and help them with their workload, projects and tasks. As we work in an Agile environment, you will apply your experience in managing the team’s workload within the Agile framework, act as the Scrum Master, and assist in sprint planning and grooming activities.

 

Key Responsibilities:

  • Provide leadership to this talented Cyber Security Operations team, with guidance and mentoring for all team members.
  • Conduct risk assessments on various products and services within the organisation and provide recommendations on mitigations.
  • Respond to customers' third-party risk assessments and comply with the TPRM, especially for APRA-regulated customers.
  • Review and maintain, to the highest standard, the security procedures and policies in compliance with the NIST CSF or ISO 27001 security frameworks, ensuring they are kept up to date, maintained and complied with.
  • Conduct ongoing security assessments and respond to vulnerabilities when they surface, assessing their likelihood, impact, and risk to the organisation.
  • Act as a key member of the Cyber Security Squad, ensuring security risks are managed appropriately, whilst conducting real-time monitoring, assessing, and triaging alerts.
  • Contribute to the development of response procedures and promote compliance with policies and standards relating to Cyber Security and reporting.
  • Provide leadership and cyber security guidance to team members on topics such as Cyber Incident handling, Vulnerability Management, Data Breach Prevention, Endpoint & Malware security, Web and Email Security, SIEM, Monitoring & Alerting and Network Security.
  • Be the point of incident escalation and provide guidance and sound advice to other team members.
  • Support the effectiveness of the organisation's ISMS, provide recommendations, solutions and updates, and maintain its status as ISO 27001 certified.

 

About You

  • Understanding of NIST CSF, ITIL, ISO 27001 or another Cyber Security Framework.
  • Scrum Master experience, including backlog management and grooming, and experience working in an Agile environment.
  • Awareness and understanding of cloud providers and their services (AWS, Azure, etc).
  • Experience in Security / Risk assessment, Third Party Risk Assessment, Security Frameworks, audits, and compliance.
  • Leadership qualities: someone who can lead and inspire a team and who enjoys keeping abreast of industry developments.
  • Experience and understanding of Vulnerability Management, Security Operations, and Incident Response handling.

 

Why Sandstone?

  • Career development planning and opportunities to achieve certifications such as SAFe and AWS
  • WFH allowance
  • Access to training resources and allocated time off for additional training of your choice
  • Flexibility and work/life balance

If you're interested in working with us, apply now and submit your resume!

Note: Only shortlisted candidates will be contacted.