Enterprise Security Strategy & ArchitectureCuscal is a payments & regulated data services provider in Australia.
Since 1966 we have enabled banks, corporates and fintechs to better serve and connect with their customers.
For a winning team that is evolving. Forward with Cuscal.
At Cuscal, you'll find a strong, successful company that's reimagining the future.
Here, you'll deliver or support interesting, ground-breaking projects that have real impact on Australia's financial services sector and the millions of customers it serves.
You'll innovate alongside skilled, smart, connected teams, and build an impressive, fulfilling career that continues to grow.
Job DescriptionWe are looking for an Enterprise Security Strategy Architect to join our evolving IT Security team in a pivotal role, responsible for defining and executing a unified cybersecurity strategy! What is this role about? As the Enterprise Security Strategy Architect, you will ensure that security is embedded into enterprise-wide initiatives by defining secure architecture patterns, performing threat modelling, and providing strategic business consulting.
This role is critical in enabling agile and scalable security practices that support innovation and minimize risk across Cuscal.
ResponsibilitiesSecurity Strategy & Alignment: Lead the development and maintaining the Cuscal's enterprise security strategy, ensuring alignment with business objectives and regulatory requirements.Provide strategic direction for security investments and ensure that security architecture is integrated into the Cuscal's overall technology landscape.Define and maintain the security architecture strategy & roadmap, ensuring that it evolves with emerging threats, technologies, and business needs.Security Architecture and Pattern: Design, develop and drive implementation of security architecture patterns for systems and applications across the enterprise.Establish security reference architectures to guide the development of secure solutions that support agility and scalability across all projects and initiatives.Collaborate with enterprise architects and cross-functional business to ensure security considerations are integrated into enterprise-wide architectures.Threat Modelling and Risk Assessment: Lead and facilitate threat modelling exercises across projects and business functions to identify and mitigate potential security risks.Collaborate with technical teams to perform security assessments and ensure that all new and existing systems adhere to the Cuscal's security standards.Drive proactive threat modelling as a part of the software development lifecycle (SDLC), integrating it into agile and DevOps environments.Business Consulting and Stakeholder Engagement: Foster a culture of security by design, working with product owners and development teams to embed security early in the development process.Deliver clear and actionable security guidance that enables the rapid and secure delivery of business solutions in an agile environment.Provide thought leadership and guidance to security, IT, and business teams on security design patterns and architectural decisions.QualificationsWhat can you bring? 10+ years of experience in cybersecurity, with at least 5 years focused on security architecture and strategy.In-depth knowledge of enterprise security frameworks, such as SABSA, TOGAF, and NIST.Extensive experience in designing and implementing security architectures across complex IT environments, including cloud, hybrid, and on-premises solutions.Strong understanding of security technologies, including IAM, PAM, encryption, network security, cloud security, and security operations.Ability to identify tasks and activities required to meet project requirements and to set goals and priorities in line with business objectives.Although not required, any experience in the following would be highly regarded: Payment's industry, ATM/EFT/POS technology, cards and finance or other regulated industries and/or 24x7 mission-critical environments.Knowledge of security frameworks and standards such as ISO 27001, CPS234, ASD Essential 8 etc.Understanding of legal, regulatory, privacy and security matters associated with the Banking and Finance Industry. #J-18808-Ljbffr