Openpay (ASX: OPY) is an omni-channel payments company that provides customers with flexible, interest-free payment plans, in-store, online and through the Openpay App. Our mission is to change the way people pay for the better.
The Openpay platform serves leading industries including retail, healthcare, automotive, home improvement, leisure and education. We operate in Australia, New Zealand, the UK and our expansion continues into the US this year.
About the opportunity
The Information Security Consultant drives the security program of works throughout the organisation. Working closely with the Information Security Manager, the role encompasses driving security strategy and improving security posture by managing security risks.
How you would contribute to the role
- Participate in the creation, review and update of information security policies, standards, and processes
- Identify security risks and advise the mitigation controls both technical and procedural.
- Ensure the security risks are managed as per the defined enterprise risk policy
- Manage and update the security risk register
- Work with various business units to ensure the alignment of business and IT processes with security standards and processes
- Conduct solution and architecture reviews of infrastructure, applications and services and ensure they align with the security policy and standards.
- Assist the Security manager in managing the PCI-DSS and other IT security audits
- Ensure the security incidents and breaches are managed effectively by the operations teams
- Conduct periodic IT security reviews as per the defined processes
- Work with the security manager to drive the security awareness and training across the organisation
- Overseeing the penetration testing of applications along with security operations teams and advise the risk remediation
- Conduct security risk assessment of third parties and ensure their processes align with Openpay security requirement
The bit about you
- Demonstrated experience overseeing security processes, managing security risks and delivering security projects (>5 years)
- Ability to align information security processes with business requirements
- Proven skills in development and rollout of security standards and processes
- Knowledge of security frameworks and standards such as PCI-DSS, ISO27001/2, NIST, OWASP
- Excellent documentation and communication skills.
- Project management skills and an ability to translate business requirements into IT security deliverables
- Bachelor’s degree in networking or computer science
- Industry certifications related to security such as GIAC Information Security professionals (GISP), CISA etc.
The team you'll be joining
Our team are self-starters with high energy, motivation, tenacity and focus. They crave the unknown and are excited by the opportunity to change and evolve as our company does. We take the time to recognise great work and celebrate our achievements together.
We’re a vibrant team of podcasters, ultra-marathoners, weightlifters, chess players, students and more. Every new team member adds to our culture, and we’re looking for people who enjoy being part of a diverse and ever-changing team.
If this sounds like you, we’d love to hear from you.