Security Analyst for Information Security Policy, Compliance and Controls ANZ Banking Group Limited ANZ offers a range of personal banking services such as internet banking, bank accounts, credit cards, home loans, personal loans, travel and international, investment and insurance. Learn about easy and secure ways to manage your money. View company page At ANZ, we're applying new ways technology and data can be harnessed as we work towards a common goal: to improve the financial wellbeing and sustainability of our millions of customers.About the RoleAs a Security Analyst in our Information Security Policy, Compliance and Controls team, you'll play a key role in helping to provide ongoing development and management of information security policy, standards and controls as per regulatory requirements and industry best practices. You will support risk assessments and provide risk insights to various risk forums. You will also lead regulatory interactions and external audits and must possess excellent stakeholder management skills, with strong influencing and relationship building ability.Banking is changing and we're changing with it, giving our people great opportunities to try new things, learn and grow. Whatever your role at ANZ, you'll be building your future, while helping to build ours.Role Location: MelbourneRole Type: Permanent, Full-timeWhat will your day look like?As a Security Analyst, you are responsible for:Helping business units in adopting information security as a risk theme to manage risks associated with cyber threats and data loss.Deep understanding of security risk assessment frameworks, assessments, aggregation and reporting.Championing information security policies, standards, controls, and processes so that regulatory compliance requirements are addressed as part of business-as-usual operations.Providing analysis and insights into data supporting the effectiveness of technical and process-based security controls.Working with different regulatory authorities for adopting and complying with their security requirements.Creating and maintaining well-defined Information Security policies, standards and controls aligning to regulatory requirements and industry best practices.Scoping and responding to security questionnaires from ANZ clients.Process mappingExcellent stakeholder management skills, with strong influencing and relationship building ability.What will you bring?Tertiary qualified with extensiveyears of relevant experience and preferablyhands-on experience in information security principles and practices, general procedures, and guidelines in complex and challenging business environment.Deep understanding of information security industry standards and best practices (e.g. ISO27001, NIST CSF, NIST SP800-53, PCI DSS etc).Good understanding of APRA CPS 234 and CPG 234."T-shaped individual" – Possess a breadth of knowledge in many fields, but also have depth in Information Security Governance, Risk and Compliance concepts and practices.Ability to form and own opinions, including challenge on compliance arrangements where appropriate.Ability to build and maintain relationships with internal and external stakeholders including excellent negotiating, influencing and conflict management skills.Strong verbal and written communication skills, presentation skills, ability to take a lead in workshops and drive meaningful outcomes.Strong stakeholder engagement skills and ability to build and maintain relationships.Willingness to look at things differently, challenge the status quo and innovate.Proven analytical skills and evidence-based decision making.A 'growth mindset' and ability to identify opportunities for continuous improvement.Comfortable dealing with ambiguity.Experience with and understanding of security, governance, risk, and compliance concepts.Exposure to Agile methodologies and experience with Agile tools such as Confluence and Jira.So why join us?From the moment you join ANZ, you'll be doing meaningful work that will shape a world where people and communities thrive.But it's not just our customers who'll feel your impact. you'll feel it too. Because at ANZ, you'll have the resources, opportunities, and support you need to take the next big step in your career.We're a diverse bunch at ANZ in different roles, different locations, doing different things. That's why we have a range of flexible working arrangements, so our people can 'make work, work for them'. We also provide a range of benefits including access to health and wellbeing services and discounts on selected products and services from ANZ and more.At ANZ, you'll be part of an organisation where the different backgrounds, perspectives and life experiences of our people are celebrated. That's because We're committed to building a workplace that reflects the diversity of the communities we serve. We welcome applications from everyone and encourage you to talk to us about any adjustments you may require to our recruitment process or the role itself. If you are a candidate with a disability or access requirement, let us know how we can provide you with additional support.To find out more about working at ANZ, visit https://www.anz.com.au/careers . You can apply for this role by visiting ANZ Careers and searching for reference number 68445.Explore more InfoSec / Cybersecurity career opportunitiesFind even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.#J-18808-Ljbffr
