Head of Information Security at The Catch Group

Retail, Information Technology, Full-time, Bentleigh East, Victoria, Australia
Posted 1 month ago

Catch is looking for a seasoned Information Security leader to drive the development of Catch Group’s Information Security strategy as we strive to build Australia's most trusted online marketplace.

We hold sacred the trust we are given by our customers and suppliers in holding their information, and are looking for someone who shares our values when it comes to protecting the data and information we hold throughout our business.

What we need from you:

  • As chair of Catch’s Security Working Group, develop and maintain an Information Security Risk Register, working with relevant business units to identify any risks
  • You’ll manage security and risk related internal and external audits
  • You’ll establish and maintain a security strategy and roadmap for the business, fostering a collaborative security culture throughout the business
  • You’ll build a team to implement, monitor and maintain the organisational security strategy and roadmap
  • You’ll work with the technology teams to set security best-practice standards and provide relevant training
  • You’ll own cybersecurity and data protection throughout the organisation, and establish our first SOC
  • You’ll lead CSIRT and day-to-day cyber operational activities, and manage cyber security assurance services and compliance obligations
  • You’ll have a customer-obsessed mindset
  • You’ll have a data-driven approach to maintain and improve our Information Security initiatives (fraud prevention, threat hunting, vulnerability management)
  • You’ll work closely with our legal team to establish Information Security policies and best practices that integrate seamlessly into our existing environment, and work with the People and Culture team to ensure onboarding, ongoing training, and adherence to these policies
  • You’ll be the advocate for security initiatives across the business and ensure that priority and resourcing are allocated to these initiatives
  • You’ll take your stakeholders on a journey and educate the wider business on security, and continually facilitate training, refreshers and testing of security policies
  • You’ll represent Catch with your security peers within Kmart Group and Wesfarmers


What we need you to bring:

  • You’ll bring 10+ years in Information Security, with a strong background in digital-native business
  • You’ll bring excellent organisation and project management skills, with the ability to work effectively with limited supervision on multiple concurrent projects
  • You’ll bring experience in organisations that hold extensive PII and related information
  • You’ll bring strong experience with security best practices in a cloud-based software environment, as well as on-prem and enterprise infrastructure
  • You’ll bring knowledge of tools (vulnerability scanning, penetration testing), principles (OWASP), frameworks (ISO, NIST) and key legislative acts (HIPAA, GDPR, APRA)
  • You’ll bring strong documentation and presentation skills
  • You’ll bring a collaborative approach to working with internal and external stakeholders
  • You’ll bring a clear and fluid communication style when articulating your ideas

Preferred Formal Education/Qualifications:

  • Tertiary qualifications in IT or a related discipline

Mandatory Formal Education/Qualifications:

  • Computer Science, Business, Engineering or related computing degree plus one or more of: postgraduate qualifications or equivalent certification such as CISSP, CISM, CRISC, ISSMP, CISA, ISO lead auditors, ISA etc.
  • Significant experience, certification or working knowledge of Cyber Security frameworks such as NIST, TOGAF, ISO27001, PCI


We have a fantastic work environment and culture here at Catch. We provide our passionate people with:

  • An organisation that is experiencing exponential growth
  • A vibrant and passionate Tech team who support and collaborate with each other
  • An organisation that truly does what some call ‘work/life’ balance
  • Employee benefits like discounted gym membership, free parking, access to the Kmart group employee benefits, free breakfast, free Wi-Fi, in-house learning and development, monthly lunches plus loads more…

About Catch

Back in 2006, Catch set out to shake up Australia’s online retail landscape. We’ve come a long way since!

We’re not just one of the country’s top eCommerce players, with a proven track record of growth, an award-winning digital platform and a second-to-none customer experience offering. Behind the scenes, we’re a world-class team of creatives, strategists, developers and innovators, and we’re on the hunt for like-minded people to jump on board.

We don’t play by the rules. We push boundaries. We think big. We stay curious and driven. Together, we embrace challenges and learn new things. All this, for one purpose: to provide our customers with an amazing online shopping experience, every day.

And we’re just getting started…

At Catch, we welcome all applications and screen them without attention to race, age, beliefs, sex, orientation, gender identity and disability.