Enterprise Security Architect (6 month contract) at Tyro

Security, Contract, 155 Clarence St, Sydney, NSW sydney contract
Description
Posted 10 days ago

Why work for us

We're not just like every other bank. Tyro has always been a tech company at heart, but fostering a diverse and inclusive environment, and a passion for continuous learning has always been one of the most important parts of our company's culture.

Tyros are a highly collaborative mix of people. You will work closely with our awesome teams and individuals in engineering, product management, customer support, sales and other functions within the business. Our over 500 strong team of Tyros, just like our customers, are the lifeblood of our business. We go to great lengths to ensure a positive and enjoyable employee experience for all. Everyone is committed to delivering great outcomes for our customers, and you will have the chance to change the face of banking for Australian businesses.

🎥 Take a look here what it's like to work at Tyro

The primary purpose of the Security function at Tyro is to ensure Tyro is suitable secure to protect Tyro’s employees and customers from security threats.
 
The primary role of the Security Architect Contractor is to actively engage with Security’s key technology stakeholders to develop the:
-          Secure by Design process and supporting guidance, templates and mechanism definitions
-          Application Security Reference Architecture and supporting mechanisms definitions
-          Platform Security Reference Architecture and supporting mechanisms definitions
 
You will have had experience developing Enterprise Security Architecture, preferably at an industry regulated organisation. You would also have experience with process design & ideally experience operating or establishing project security governance (Secure by Design) in an agile environment.
 
Successful candidates will be passionate about security, enthusiastic, customer focused, risk aware but highly pragmatic. You will encompass a balance of soft and technical skills with the ability to self-drive & navigate potentially complex people & process problems and be able to speak with engineering & security teams in their own languages.
 

You will be responsible for...

  • Secure By Design Process Development
  • Engage with security, platform and product engineering teams to understand the current state of project/delivery security review & assessment
  • Workshop with the relevant stakeholders a proposed Secure By Design process & expectations
  • Utilise standard techniques such as threat modelling & industry research to identify and document required mechanisms to support secure delivery process
  • Document the Secure By Design Service Architecture encompassing the processes, roles & responsibilities, key metrics
  • Support the development of required supporting collateral such as templates, guidance documents, etc to enable the successful launch of the new process
  • Application Security Reference Architecture
  • Engage with security, platform and product engineering teams to understand the current expectations for application security
  • Utilise standard techniques such as threat modelling, industry research, existing Tyro and your own knowledge to identify and document required mechanisms needed to develop secure applications
  • Develop the application security reference architecture to identify and document the control requirements when delivering secure applications encompassing the deployed of COTs products as well as fully internally developed applications.
  • Develop the Security Mechanisms (physical level control definitions) needed to support the application security reference architecture
  • Socialise and seek support for the proposed architecture form security, platform and engineering teams
  • Platform Security Reference Architecture
  • Engage with security, platform and product engineering teams to understand the current expectations for platform security (devices, on-prem, IaaS, PaaS & SaaS)
  • Utilise standard techniques such as threat modelling, industry research, existing Tyro and your own knowledge to identify and document required mechanisms needed to develop secure platforms
  • Develop the platform security reference architecture to identify and document the control requirements when delivering secure platforms
  • Develop the Security Mechanisms (physical level control definitions) needed to support the platform security reference architecture
  • Risk Management
  • Responsible for the identification and management of risk in day to day responsibilities.
  • Comply with Tyro policies and procedures including completing mandatory training within the required timeframes.
  • Role model positive risk behaviours and contribute towards a strong risk culture at Tyro.
  • What you will bring to the role...

  • Minimum 5 years developing and supporting Enterprise Security Architecture
  • SABSA certified
  • Strong experience engaging stakeholders across an organisation
  • Strong understanding of risk management
  • Experience in a financial services or other regulated environment
  • Experience with Agile methodologies and practices
  • Excellent time management and organisational skills
  • Excellent verbal and written communication skills
  • Perks & Benefits
    We offer some amazing employee benefits such as a flexible working environment with a mix of in-office and remote working, learning & development opportunities for professional and personal development, 16 weeks paid primary carers leave, 12 weeks paid secondary carers leave, annual team based volunteer day, novated leasing, social events which includes multiple craft beer kegs (selection of beers carefully selected by our beer connoisseurs), wide selection of wine, variety of snacks and a ping pong table, selection of board and video games and many more!

    Our Story
    Launching in 2003, Tyro has grown to become Australia’s largest EFTPOS provider of all ADIs outside the big four banks. With over 500 staff, $20.1 billion in transactions in FY20, we’re much more than an EFTPOS provider – Tyro is an Australian bank and operates under the supervision of the Australian Prudential Regulation Authority (APRA). With 10 industry firsts to market, Tyro is a leader in credit, debit and EFTPOS card acquiring, Medicare and private health fund claiming and rebating services to Australian businesses.

    Values
    Wow the Customer - We love our customers and we want them to love us too.
    Be Good - We're open and transparent, and we do the right thing - even when nobody's watching or it's really hard.
    Commit to Greatness - We think big, move fast and dare to be different. We're always asking "what's next?"
    Stay Hungry - We ooze passion and determination and we play as a team to win.

    Privacy and Submitting your Application
    By proceeding to submit your application, you acknowledge that you have read and understood Tyro’s Privacy Policy (www.tyro.com/privacy-policy/) and Privacy Statement & Consent for Job Applicants (www.tyro.com/privacy-statement-job-applicants/) and consent to Tyro collecting, using, holding and disclosing your personal information in accordance with these policies.

    Tyro does not accept unsolicited agency CV’s.  Please do not forward resumes to the team if you are not one of our listed preferred recruitment partners. Tyro is not responsible for any fees related to unsolicited resumes.