11 Information Security jobs in Australia
Cyber Security Analyst
Bankstown, New South Wales
Canterbury-Bankstown Council
Job Viewed
Job Description
Here at CBCity
The City of Canterbury Bankstown is one of the largest Council’s in NSW with the most culturally, socially and economically diverse communities in Sydney. We deliver 28 key services such as childcare, waste collection, parks maintenance, libraries, community facilities and aquatic centres to over 380,000 residents.
The role
CBCity is seeking a skilled and proactive Cyber Security Specialist to take a leading role in safeguarding Council’s digital assets. This position is responsible for identifying, investigating and managing security incidents and risks, while championing a strong and resilient security posture.
You’ll drive the implementation and continuous improvement of Council’s Cyber Security Framework and roadmap, ensuring our systems are protected and aligned with best practice in an ever-evolving threat landscape.
Duties will include but not be limited to:
- Conduct regular security assessments and audits to identify vulnerabilities and ensure effective controls.
- Investigate and analyse security incidents, determine root causes, and implement corrective actions.
- Implement and maintain security controls, including the ASD Essential 8.
- Monitor security logs, alerts, and network traffic to detect threats and breaches.
- Stay informed on emerging cyber risks, standards, and frameworks.
- Develop and maintain security policies, procedures, and guidelines.
- Maintain accurate technical designs, specifications, and documentation.
- Provide expert advice on technology strategies to strengthen Council’s security posture.
- Develop, test, and manage the Incident Response Plan and lead breach investigations.
- Perform additional duties aligned with skills and training as required.
For a full list of duties, click HERE to review the position description.
You will have
- Tertiary qualifications in IT, security, or related field, or equivalent skills and experience, with a strong commitment to ongoing professional development.
- Strong IT technical background in Windows environments, including databases, OS, M365, networking, and security.
- Proven experience with security compliance, privacy, and industry frameworks such as ISO 27001, NSW Cyber Security Policy, and ASD ISM.
- Skilled in threat intelligence and analysis to identify organisational risks.
- Experienced with vulnerability scanning, antivirus, identity management, and security tools.
- Extensive knowledge of risk management and cyber threat mitigation.
- Proficient in intrusion detection techniques for host and network security.
- Excellent written and verbal communication skills for diverse audiences.
- Strong analytical and problem-solving abilities, managing multiple requests within SLA.
Certifications such as CISSP, CISM, CIS, ITIL, or Project Management, or equivalent experience, are desirable but not essential. Experience in the Public Sector is also desirable but not mandatory.
The salary range for this opportunity starts at $111,988 (Grade 1, Step 1) + 12% super.
Salary is negotiable dependent on skills and experience.
What’s on offer
- An Attractive Remuneration Package.
- Embrace a better work-life balance with our Accrued Time Off program, designed to prioritise your well-being and help you manage the balance between your personal and professional life.
- Contribute to making a positive impact on our community.
- An investment in your professional growth, fostering continuous learning and development opportunities.
- Access to our employee Health and Wellbeing Programs.
For more information, please contact Dr. Jacqueline Hiddlestone (Coordinator ICT Governance and Risk) at
You will need to submit your application via the ‘Apply’ button below and create a login using your email address and upload a
- Resume; and
- Cover Letter addressing the selection criteria within the position description and explaining your suitability for the role.
Applications close Thursday, 3 July 2025.
CBCity is an equal opportunity employer committed to providing a working environment that embraces and values diversity and inclusion. We want our workplace to reflect the diverse community we serve. We encourage applications from all backgrounds, experiences, and abilities; this includes people with disability, Aboriginal and Torres Strait Islanders, the LGBTQIA+ community, and people from culturally diverse backgrounds.
If you require support with your application and throughout the recruitment process, please contact the Talent Management Team at
Successful applicants may be required to undertake a Criminal History Check, Medical and/or Working with Children Check in accordance with the position.
Applicants must hold an Australian citizenship, permanent residency, or possess a valid work permit/visa with full unrestricted working rights to be eligible.
This advertiser has chosen not to accept applicants from your region.
Job No Longer Available
This position is no longer listed on WhatJobs. The employer may be reviewing applications, filled the role, or has removed the listing.
However, we have similar jobs available for you below.
Information Security Analyst
Sydney, New South Wales
ServiceNow, Inc.
Posted today
Job Viewed
Job Description
It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today - ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.
**About Digital Technology & The ServiceNow Security Office?**
We're not yesterday's IT department, we're Digital Technology. The world around us keeps changing and so do we. We're redefining what it means to be IT with a mindset centered on transformation, experience, AI-driven automation, innovation, and growth?
?We're all about delivering delightful, secure customer and employee experiences that accelerate ServiceNow's journey to become the defining enterprise software company of the 21st century. And we love co-creating, using, and highlighting our own products to do it?
Ultimately, we strive to make the world work better for our employees and customers when you work in ServiceNow Digital Technology, you work for them?
?The ServiceNow Security Organization delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact?
**Team?**
ServiceNow's Global Security Support Center (GSSC) team leverages its diverse, highly skilled security background and expertise to help enhance ServiceNow's internal and external security program and communicate ServiceNow's commitment to security to the world. The global team works closely with other components within ServiceNow on security-related topics and directly interfaces with ServiceNow customers?
GSSC Mission Statement: To provide external & internal facing security support on behalf of the Security Organization to improve our customers' security posture and build Customer trust?
**Responsibilities/what you get to do in this role?**
+ Establish and maintain excellent customer experience.
+ Build trust and confidence with all customers.
+ Represent and be a point of contact and support for everything Security in ServiceNow for all internal and external customers.
+ Facilitate the successful workflow/triage of security-related incidents/cases by interacting with customers, various security teams, and other internal ServiceNow teams as needed.
+ Provide support and be available as?an escalation contact in the?On-Call rotation (weekends, public holidays and after hours) as and when needed, to ensure customers are taken care of, during times that demand availability and support.
+ Develop and deliver training programs for internal and external customers on security awareness and best practices.
+ Develop AI Solutions for automating repetitive activities.
+ Lead, triage, investigation and respond to security matters ensuring timely resolution and enhance customer experience and processes.
+ Work with Legal on security/privacy-related matters?
**_Note:_** _This position requires the Australian Baseline Security Clearance. If offered employment, you must be willing to complete and successfully pass the adjudication process. Australian citizens currently residing in Australia will be considered._
**To be successful in this role you have**
+ **Experience** : Minimum of 2-5 years of experience in information security or application security roles.
+ **Certifications** : Relevant certifications such as ServiceNow CSA (minimum), Azure AI Fundamentals or AWS Certified AI Practitioner, OSWA, GWAPT, GSEC, GCIH, CISSP, CISM are highly desirable.
+ **Skills**
+ Technical: Proficiency in security tools and technologies, logging, SIEM, WAF, firewalls, intrusion detection systems, vulnerability management platforms, and encryption techniques.
+ Risk: Articulate Security risks in simple English to customers.
+ Artificial Intelligence: Exposure to AI technologies desired but not mandatory.
+ Analytical: Strong analytical and problem-solving skills, with the ability to assess and respond to complex security issues.
+ Communication: Excellent verbal and written communication skills, with the ability to convey technical information to non-technical stakeholders.
+ Team Collaboration: Proven ability to work effectively in a collaborative team environment.
+ Concepts: Good understanding of Security concepts and articulating in simple terms without using Jargons and make sense to customers.
+ Application Security: Good understanding of common web application vulnerabilities (OWASP Top Ten) & mitigation strategies
+ Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI's potential impact on the function or industry (Advantage)
+ **Education** : Bachelor's degree in computer science or information security, or relevant information security experience.
+ **BONUS** : Web-based vulnerability exploitation experience?
+ **Attributes**
+ High self-confidence.
+ Proactive and self-motivated with a strong sense of ownership and accountability.
+ Attention to detail and capable of managing multiple tasks and priorities simultaneously.
+ Innovative mindset with the ability to develop creative solutions to complex security challenges.
+ Highly positive mindset that should never get faded while serving different cultures across the globe.
+ Ability to help customers in all best possible ways.
_This Level 2/3 Information Security and Application Security Specialist role is an exciting opportunity to join a dynamic and forward-thinking company. If you have the skills, experience, and passion for ensuring the security and integrity of information systems, we invite you to apply and become part of the ServiceNow team._
**_Note:_** _This position requires the Australian Baseline Security Clearance. If offered employment, you must be willing to complete and successfully pass the adjudication process. Australian citizens currently residing in Australia will be considered._
**Work Personas**
We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here ( . To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service.
**Equal Opportunity Employer**
ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements.
**Accommodations**
We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact for assistance.
**Export Control Regulations**
For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities.
From Fortune. ©2025 Fortune Media IP Limited. All rights reserved. Used under license.
**About Digital Technology & The ServiceNow Security Office?**
We're not yesterday's IT department, we're Digital Technology. The world around us keeps changing and so do we. We're redefining what it means to be IT with a mindset centered on transformation, experience, AI-driven automation, innovation, and growth?
?We're all about delivering delightful, secure customer and employee experiences that accelerate ServiceNow's journey to become the defining enterprise software company of the 21st century. And we love co-creating, using, and highlighting our own products to do it?
Ultimately, we strive to make the world work better for our employees and customers when you work in ServiceNow Digital Technology, you work for them?
?The ServiceNow Security Organization delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact?
**Team?**
ServiceNow's Global Security Support Center (GSSC) team leverages its diverse, highly skilled security background and expertise to help enhance ServiceNow's internal and external security program and communicate ServiceNow's commitment to security to the world. The global team works closely with other components within ServiceNow on security-related topics and directly interfaces with ServiceNow customers?
GSSC Mission Statement: To provide external & internal facing security support on behalf of the Security Organization to improve our customers' security posture and build Customer trust?
**Responsibilities/what you get to do in this role?**
+ Establish and maintain excellent customer experience.
+ Build trust and confidence with all customers.
+ Represent and be a point of contact and support for everything Security in ServiceNow for all internal and external customers.
+ Facilitate the successful workflow/triage of security-related incidents/cases by interacting with customers, various security teams, and other internal ServiceNow teams as needed.
+ Provide support and be available as?an escalation contact in the?On-Call rotation (weekends, public holidays and after hours) as and when needed, to ensure customers are taken care of, during times that demand availability and support.
+ Develop and deliver training programs for internal and external customers on security awareness and best practices.
+ Develop AI Solutions for automating repetitive activities.
+ Lead, triage, investigation and respond to security matters ensuring timely resolution and enhance customer experience and processes.
+ Work with Legal on security/privacy-related matters?
**_Note:_** _This position requires the Australian Baseline Security Clearance. If offered employment, you must be willing to complete and successfully pass the adjudication process. Australian citizens currently residing in Australia will be considered._
**To be successful in this role you have**
+ **Experience** : Minimum of 2-5 years of experience in information security or application security roles.
+ **Certifications** : Relevant certifications such as ServiceNow CSA (minimum), Azure AI Fundamentals or AWS Certified AI Practitioner, OSWA, GWAPT, GSEC, GCIH, CISSP, CISM are highly desirable.
+ **Skills**
+ Technical: Proficiency in security tools and technologies, logging, SIEM, WAF, firewalls, intrusion detection systems, vulnerability management platforms, and encryption techniques.
+ Risk: Articulate Security risks in simple English to customers.
+ Artificial Intelligence: Exposure to AI technologies desired but not mandatory.
+ Analytical: Strong analytical and problem-solving skills, with the ability to assess and respond to complex security issues.
+ Communication: Excellent verbal and written communication skills, with the ability to convey technical information to non-technical stakeholders.
+ Team Collaboration: Proven ability to work effectively in a collaborative team environment.
+ Concepts: Good understanding of Security concepts and articulating in simple terms without using Jargons and make sense to customers.
+ Application Security: Good understanding of common web application vulnerabilities (OWASP Top Ten) & mitigation strategies
+ Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI's potential impact on the function or industry (Advantage)
+ **Education** : Bachelor's degree in computer science or information security, or relevant information security experience.
+ **BONUS** : Web-based vulnerability exploitation experience?
+ **Attributes**
+ High self-confidence.
+ Proactive and self-motivated with a strong sense of ownership and accountability.
+ Attention to detail and capable of managing multiple tasks and priorities simultaneously.
+ Innovative mindset with the ability to develop creative solutions to complex security challenges.
+ Highly positive mindset that should never get faded while serving different cultures across the globe.
+ Ability to help customers in all best possible ways.
_This Level 2/3 Information Security and Application Security Specialist role is an exciting opportunity to join a dynamic and forward-thinking company. If you have the skills, experience, and passion for ensuring the security and integrity of information systems, we invite you to apply and become part of the ServiceNow team._
**_Note:_** _This position requires the Australian Baseline Security Clearance. If offered employment, you must be willing to complete and successfully pass the adjudication process. Australian citizens currently residing in Australia will be considered._
**Work Personas**
We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here ( . To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service.
**Equal Opportunity Employer**
ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements.
**Accommodations**
We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact for assistance.
**Export Control Regulations**
For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities.
From Fortune. ©2025 Fortune Media IP Limited. All rights reserved. Used under license.
This advertiser has chosen not to accept applicants from your region.
0
Senior Information Security Officer - Defence Sector
Canberra, Australian Capital Territory
KBR
Posted 1 day ago
Job Viewed
Job Description
Title:
Senior Information Security Officer - Defence Sector
Your KBR future - delivering solutions and changing the world
About KBR:
We are a company of innovators, thinkers, creators, explorers, volunteers and dreamers who all share one goal - to improve the world.
KBR delivers science, technology and engineering solutions to governments and companies around the world. KBR employs approximately 34,000 people performing diverse, complex, and mission-critical roles in 33 countries.
For 65 years, KBR and its heritage companies are proud to have delivered some of Australia's largest and most complex projects.
With around 2,000 employees in 6 primary offices throughout Australia, we are committed to social and environmental sustainability and delivering projects with a digital mindset driving innovation within our business and for our customers.
We help ensure mission success on land, in the air, at sea, in space and cyberspace for our Defence customers. From individual technologies and services to comprehensive project delivery and mission execution, no other company can match the breadth and depth of KBR.
KBR comprises a talented team who provide a broad spectrum of capabilities across Australia and the Asia Pacific. Our proven project teams readily address complex and multi-disciplinary activities, providing low-risk and cost-effective solutions to the Defence force.
The Opportunity:
KBR is inviting expressions of interest from highly skilled and experienced Senior Information Security Officers to support critical Defence programs based in Brisbane or Canberra.
As a Senior Information Security Officer, you will play a vital role in ensuring the protection of Defence systems, information, and assets, supporting the ongoing delivery of secure, reliable, and compliant Defence capabilities. This is an exciting opportunity to contribute to national security outcomes and work with a diverse team of experts on high-impact Defence projects.
The key responsibilities of the role will include, but is not limited to:
+ Lead the development, implementation, and maintenance of Information Security Management Systems (ISMS) to ensure Defence compliance with ISO 27001, ACSC Essential 8, and Defence Security requirements.
+ Conduct risk assessments and vulnerability management, ensuring appropriate information security controls are in place to protect Defence systems and data across their lifecycle.
+ Develop and enforce information security policies, procedures, and best practices, ensuring Defence IT infrastructure and systems are protected against cyber threats and vulnerabilities.
+ Support the implementation and maintenance of cybersecurity frameworks and ensure compliance with national and international information security standards.
+ Provide expert advice to Defence stakeholders and project teams on information security best practices, emerging threats, and mitigation strategies.
+ Collaborate with cross-functional teams, including Defence security, engineering, and project management, to ensure robust security governance for all Defence programs.
+ Conduct security audits, assessments, and incident response activities to ensure the availability, integrity, and confidentiality of Defence information assets.
+ Maintain awareness of current cybersecurity trends and emerging threats, and continuously update security practices to protect Defence information systems.
As the ideal candidate you will bring:
+ Tertiary qualifications in Information Security, Computer Science, Information Technology, or a related discipline.
+ Minimum 5 years of experience in an Information Security role, ideally within Defence, Government, or similarly regulated industries.
+ Expertise in implementing and managing Information Security Management Systems (ISMS) and conducting security risk assessments.
+ Strong knowledge of Defence security policies, standards, and frameworks, including ISO 27001, NIST, ACSC Essential 8, and DEF(AUST) 3000.
+ Experience with security tools, such as SIEM, firewalls, endpoint protection, and vulnerability scanning tools.
+ Proven ability to communicate effectively with senior stakeholders, providing expert guidance on complex security issues.
+ Australian Citizenship is essential due to security clearance requirements.
+ NV1 security clearance (or the ability to obtain) is highly desirable.
Benefits of KBR
+ A workplace culture certified as a Great Place To Work (Aus, India, UK & US)
+ Flexible working conditions
+ Competitive salary (including annual reviews)
+ Paid Parental leave
+ Paid Reservist leave
+ Income protection
+ Corporate rewards
+ Salary packaging/Novated leasing
+ Discounted employee stock purchase plans
+ Flu shots, skin checks and private health insurance discounts
+ Career development: Online learning, mentorship and career pathways
If you're ready to shape tomorrow, let's get started. Apply Now!
KBR acknowledges the Traditional Custodians of Country throughout Australia and their continuing connections to land, sea, community and culture. We pay our respects to Elders past and present.
As a Major Service Provider of the Australian Defence Force, an AGSVA security clearance will be required and compliance to International Traffic in Arms Regulations (ITAR). As such, our hiring decisions are based on the key requirements of each role and candidates are selected based on their unique strengths and experiences.
#LI-JAW1
Senior Information Security Officer - Defence Sector
Your KBR future - delivering solutions and changing the world
About KBR:
We are a company of innovators, thinkers, creators, explorers, volunteers and dreamers who all share one goal - to improve the world.
KBR delivers science, technology and engineering solutions to governments and companies around the world. KBR employs approximately 34,000 people performing diverse, complex, and mission-critical roles in 33 countries.
For 65 years, KBR and its heritage companies are proud to have delivered some of Australia's largest and most complex projects.
With around 2,000 employees in 6 primary offices throughout Australia, we are committed to social and environmental sustainability and delivering projects with a digital mindset driving innovation within our business and for our customers.
We help ensure mission success on land, in the air, at sea, in space and cyberspace for our Defence customers. From individual technologies and services to comprehensive project delivery and mission execution, no other company can match the breadth and depth of KBR.
KBR comprises a talented team who provide a broad spectrum of capabilities across Australia and the Asia Pacific. Our proven project teams readily address complex and multi-disciplinary activities, providing low-risk and cost-effective solutions to the Defence force.
The Opportunity:
KBR is inviting expressions of interest from highly skilled and experienced Senior Information Security Officers to support critical Defence programs based in Brisbane or Canberra.
As a Senior Information Security Officer, you will play a vital role in ensuring the protection of Defence systems, information, and assets, supporting the ongoing delivery of secure, reliable, and compliant Defence capabilities. This is an exciting opportunity to contribute to national security outcomes and work with a diverse team of experts on high-impact Defence projects.
The key responsibilities of the role will include, but is not limited to:
+ Lead the development, implementation, and maintenance of Information Security Management Systems (ISMS) to ensure Defence compliance with ISO 27001, ACSC Essential 8, and Defence Security requirements.
+ Conduct risk assessments and vulnerability management, ensuring appropriate information security controls are in place to protect Defence systems and data across their lifecycle.
+ Develop and enforce information security policies, procedures, and best practices, ensuring Defence IT infrastructure and systems are protected against cyber threats and vulnerabilities.
+ Support the implementation and maintenance of cybersecurity frameworks and ensure compliance with national and international information security standards.
+ Provide expert advice to Defence stakeholders and project teams on information security best practices, emerging threats, and mitigation strategies.
+ Collaborate with cross-functional teams, including Defence security, engineering, and project management, to ensure robust security governance for all Defence programs.
+ Conduct security audits, assessments, and incident response activities to ensure the availability, integrity, and confidentiality of Defence information assets.
+ Maintain awareness of current cybersecurity trends and emerging threats, and continuously update security practices to protect Defence information systems.
As the ideal candidate you will bring:
+ Tertiary qualifications in Information Security, Computer Science, Information Technology, or a related discipline.
+ Minimum 5 years of experience in an Information Security role, ideally within Defence, Government, or similarly regulated industries.
+ Expertise in implementing and managing Information Security Management Systems (ISMS) and conducting security risk assessments.
+ Strong knowledge of Defence security policies, standards, and frameworks, including ISO 27001, NIST, ACSC Essential 8, and DEF(AUST) 3000.
+ Experience with security tools, such as SIEM, firewalls, endpoint protection, and vulnerability scanning tools.
+ Proven ability to communicate effectively with senior stakeholders, providing expert guidance on complex security issues.
+ Australian Citizenship is essential due to security clearance requirements.
+ NV1 security clearance (or the ability to obtain) is highly desirable.
Benefits of KBR
+ A workplace culture certified as a Great Place To Work (Aus, India, UK & US)
+ Flexible working conditions
+ Competitive salary (including annual reviews)
+ Paid Parental leave
+ Paid Reservist leave
+ Income protection
+ Corporate rewards
+ Salary packaging/Novated leasing
+ Discounted employee stock purchase plans
+ Flu shots, skin checks and private health insurance discounts
+ Career development: Online learning, mentorship and career pathways
If you're ready to shape tomorrow, let's get started. Apply Now!
KBR acknowledges the Traditional Custodians of Country throughout Australia and their continuing connections to land, sea, community and culture. We pay our respects to Elders past and present.
As a Major Service Provider of the Australian Defence Force, an AGSVA security clearance will be required and compliance to International Traffic in Arms Regulations (ITAR). As such, our hiring decisions are based on the key requirements of each role and candidates are selected based on their unique strengths and experiences.
#LI-JAW1
This advertiser has chosen not to accept applicants from your region.
1
Senior Information Security Officer - Defence Sector
Brisbane, Queensland
KBR
Posted 1 day ago
Job Viewed
Job Description
Title:
Senior Information Security Officer - Defence Sector
Your KBR future - delivering solutions and changing the world
About KBR:
We are a company of innovators, thinkers, creators, explorers, volunteers and dreamers who all share one goal - to improve the world.
KBR delivers science, technology and engineering solutions to governments and companies around the world. KBR employs approximately 34,000 people performing diverse, complex, and mission-critical roles in 33 countries.
For 65 years, KBR and its heritage companies are proud to have delivered some of Australia's largest and most complex projects.
With around 2,000 employees in 6 primary offices throughout Australia, we are committed to social and environmental sustainability and delivering projects with a digital mindset driving innovation within our business and for our customers.
We help ensure mission success on land, in the air, at sea, in space and cyberspace for our Defence customers. From individual technologies and services to comprehensive project delivery and mission execution, no other company can match the breadth and depth of KBR.
KBR comprises a talented team who provide a broad spectrum of capabilities across Australia and the Asia Pacific. Our proven project teams readily address complex and multi-disciplinary activities, providing low-risk and cost-effective solutions to the Defence force.
The Opportunity:
KBR is inviting expressions of interest from highly skilled and experienced Senior Information Security Officers to support critical Defence programs based in Brisbane or Canberra.
As a Senior Information Security Officer, you will play a vital role in ensuring the protection of Defence systems, information, and assets, supporting the ongoing delivery of secure, reliable, and compliant Defence capabilities. This is an exciting opportunity to contribute to national security outcomes and work with a diverse team of experts on high-impact Defence projects.
The key responsibilities of the role will include, but is not limited to:
+ Lead the development, implementation, and maintenance of Information Security Management Systems (ISMS) to ensure Defence compliance with ISO 27001, ACSC Essential 8, and Defence Security requirements.
+ Conduct risk assessments and vulnerability management, ensuring appropriate information security controls are in place to protect Defence systems and data across their lifecycle.
+ Develop and enforce information security policies, procedures, and best practices, ensuring Defence IT infrastructure and systems are protected against cyber threats and vulnerabilities.
+ Support the implementation and maintenance of cybersecurity frameworks and ensure compliance with national and international information security standards.
+ Provide expert advice to Defence stakeholders and project teams on information security best practices, emerging threats, and mitigation strategies.
+ Collaborate with cross-functional teams, including Defence security, engineering, and project management, to ensure robust security governance for all Defence programs.
+ Conduct security audits, assessments, and incident response activities to ensure the availability, integrity, and confidentiality of Defence information assets.
+ Maintain awareness of current cybersecurity trends and emerging threats, and continuously update security practices to protect Defence information systems.
As the ideal candidate you will bring:
+ Tertiary qualifications in Information Security, Computer Science, Information Technology, or a related discipline.
+ Minimum 5 years of experience in an Information Security role, ideally within Defence, Government, or similarly regulated industries.
+ Expertise in implementing and managing Information Security Management Systems (ISMS) and conducting security risk assessments.
+ Strong knowledge of Defence security policies, standards, and frameworks, including ISO 27001, NIST, ACSC Essential 8, and DEF(AUST) 3000.
+ Experience with security tools, such as SIEM, firewalls, endpoint protection, and vulnerability scanning tools.
+ Proven ability to communicate effectively with senior stakeholders, providing expert guidance on complex security issues.
+ Australian Citizenship is essential due to security clearance requirements.
+ NV1 security clearance (or the ability to obtain) is highly desirable.
Benefits of KBR
+ A workplace culture certified as a Great Place To Work (Aus, India, UK & US)
+ Flexible working conditions
+ Competitive salary (including annual reviews)
+ Paid Parental leave
+ Paid Reservist leave
+ Income protection
+ Corporate rewards
+ Salary packaging/Novated leasing
+ Discounted employee stock purchase plans
+ Flu shots, skin checks and private health insurance discounts
+ Career development: Online learning, mentorship and career pathways
If you're ready to shape tomorrow, let's get started. Apply Now!
KBR acknowledges the Traditional Custodians of Country throughout Australia and their continuing connections to land, sea, community and culture. We pay our respects to Elders past and present.
As a Major Service Provider of the Australian Defence Force, an AGSVA security clearance will be required and compliance to International Traffic in Arms Regulations (ITAR). As such, our hiring decisions are based on the key requirements of each role and candidates are selected based on their unique strengths and experiences.
#LI-JAW1
Senior Information Security Officer - Defence Sector
Your KBR future - delivering solutions and changing the world
About KBR:
We are a company of innovators, thinkers, creators, explorers, volunteers and dreamers who all share one goal - to improve the world.
KBR delivers science, technology and engineering solutions to governments and companies around the world. KBR employs approximately 34,000 people performing diverse, complex, and mission-critical roles in 33 countries.
For 65 years, KBR and its heritage companies are proud to have delivered some of Australia's largest and most complex projects.
With around 2,000 employees in 6 primary offices throughout Australia, we are committed to social and environmental sustainability and delivering projects with a digital mindset driving innovation within our business and for our customers.
We help ensure mission success on land, in the air, at sea, in space and cyberspace for our Defence customers. From individual technologies and services to comprehensive project delivery and mission execution, no other company can match the breadth and depth of KBR.
KBR comprises a talented team who provide a broad spectrum of capabilities across Australia and the Asia Pacific. Our proven project teams readily address complex and multi-disciplinary activities, providing low-risk and cost-effective solutions to the Defence force.
The Opportunity:
KBR is inviting expressions of interest from highly skilled and experienced Senior Information Security Officers to support critical Defence programs based in Brisbane or Canberra.
As a Senior Information Security Officer, you will play a vital role in ensuring the protection of Defence systems, information, and assets, supporting the ongoing delivery of secure, reliable, and compliant Defence capabilities. This is an exciting opportunity to contribute to national security outcomes and work with a diverse team of experts on high-impact Defence projects.
The key responsibilities of the role will include, but is not limited to:
+ Lead the development, implementation, and maintenance of Information Security Management Systems (ISMS) to ensure Defence compliance with ISO 27001, ACSC Essential 8, and Defence Security requirements.
+ Conduct risk assessments and vulnerability management, ensuring appropriate information security controls are in place to protect Defence systems and data across their lifecycle.
+ Develop and enforce information security policies, procedures, and best practices, ensuring Defence IT infrastructure and systems are protected against cyber threats and vulnerabilities.
+ Support the implementation and maintenance of cybersecurity frameworks and ensure compliance with national and international information security standards.
+ Provide expert advice to Defence stakeholders and project teams on information security best practices, emerging threats, and mitigation strategies.
+ Collaborate with cross-functional teams, including Defence security, engineering, and project management, to ensure robust security governance for all Defence programs.
+ Conduct security audits, assessments, and incident response activities to ensure the availability, integrity, and confidentiality of Defence information assets.
+ Maintain awareness of current cybersecurity trends and emerging threats, and continuously update security practices to protect Defence information systems.
As the ideal candidate you will bring:
+ Tertiary qualifications in Information Security, Computer Science, Information Technology, or a related discipline.
+ Minimum 5 years of experience in an Information Security role, ideally within Defence, Government, or similarly regulated industries.
+ Expertise in implementing and managing Information Security Management Systems (ISMS) and conducting security risk assessments.
+ Strong knowledge of Defence security policies, standards, and frameworks, including ISO 27001, NIST, ACSC Essential 8, and DEF(AUST) 3000.
+ Experience with security tools, such as SIEM, firewalls, endpoint protection, and vulnerability scanning tools.
+ Proven ability to communicate effectively with senior stakeholders, providing expert guidance on complex security issues.
+ Australian Citizenship is essential due to security clearance requirements.
+ NV1 security clearance (or the ability to obtain) is highly desirable.
Benefits of KBR
+ A workplace culture certified as a Great Place To Work (Aus, India, UK & US)
+ Flexible working conditions
+ Competitive salary (including annual reviews)
+ Paid Parental leave
+ Paid Reservist leave
+ Income protection
+ Corporate rewards
+ Salary packaging/Novated leasing
+ Discounted employee stock purchase plans
+ Flu shots, skin checks and private health insurance discounts
+ Career development: Online learning, mentorship and career pathways
If you're ready to shape tomorrow, let's get started. Apply Now!
KBR acknowledges the Traditional Custodians of Country throughout Australia and their continuing connections to land, sea, community and culture. We pay our respects to Elders past and present.
As a Major Service Provider of the Australian Defence Force, an AGSVA security clearance will be required and compliance to International Traffic in Arms Regulations (ITAR). As such, our hiring decisions are based on the key requirements of each role and candidates are selected based on their unique strengths and experiences.
#LI-JAW1
This advertiser has chosen not to accept applicants from your region.
2
Vice President, Insider Threat Investigations, Global Information Security, Australia
Sydney, New South Wales
Bank of America
Posted 1 day ago
Job Viewed
Job Description
Vice President, Insider Threat Investigations, Global Information Security, Australia
Sydney, Australia;#02-01, Singapore
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge
Refer a friend
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge ( Description:**
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
**What you can expect**
The Cyber Security Operations (CSO) function within Global Information Security enables the various businesses of Bank of America to conduct operations in a secure, trusted, and safe manner by defending the organization and our customers from cyberattacks. Insider Threat Investigators (ITI) within CSO investigates risks and protects against threats posed to the bank by insiders and works closely with peer teams across the enterprise to ensure comprehensive and proactive controls and monitoring are in place to detect and mitigate insider risks.
Insider Threat Investigator is responsible for conducting data analysis of insider threat auditing and monitoring software resources to detect and identify insider risk activities. In addition, they will be required to complete investigations by analyzing and verifying information through various investigative techniques, internal resources, and conversations/interviews with persons of interest. The role will also require regular collaboration with experts in and out of the team, both in country and in other regions, where excellent communication skills will also be necessary.
**What you will do**
+ Conduct investigations by analyzing and verifying information through various investigative techniques, internal resources, and conversations/interviews with persons of interest;
+ Complete written reports in compliance with current reporting procedures and policies. Must have the ability to write detailed, concise, and accurate reports;
+ Ability to manage high risk regional information security incidents by working in conjunction with response partners and other risk teams;?
+ Utilizing next generation tools and technology to conduct deep behavioral analytics assessments/ investigations with a focus on mitigating information security related insider threats;
+ Ability to collect and analyze data from various applications to fulfill an investigation/support request(s)
+ Document each stage of the investigation with clear & concise notes
+ Effectively pivot communication style & verbiage based on audience (i.e. non-technical)
+ Ability to collaborate well with other teams to drive resolution to an investigation, across multiple regions/countries
+ Ability to effectively multi-task between several competing efforts
+ Maintain an awareness of industry challenges and advancements to add value to enhancing processes & technologies
**Your background**
+ 5+ years' work experience with an insider threat focus or technical background that could be applied to understand key insider risk components
+ Curiosity, diversity of thought, critical thinking, willingness to learn, and persistence to identify risk
+ Methodical and systematical approach to utilizing technical tools, applications, etc.
+ Familiarity with Splunk, ENCASE, CrowdStrike and other similar investigative and/or monitoring tools
+ Exceptional written and verbal communication skills to various audiences
+ Mindset of curiosity: not afraid to learn new things
+ Excellent organizational skills to manage caseload, projects and ad hoc requests
+ Experience in conducting complex investigations with an Insider Threat emphasis
+ Knowledge in how to conduct computer forensics
+ Familiarity with participating/driving incident response events
**Desired Skills**
+ An understanding of human behavior / human psychology or investigative background
+ Technical experience with information security / data loss prevention tools or controls such as Intrusion Detection & Prevention technologies (IDS/IPS) and/or SIEM systems and other data correlation engines.
+ Extensive experience in Splunk, ENCASE, CrowdStrike and other similar investigative and/or monitoring tools
+ Certifications - Security+, Network+, CEH, CISSP, CCNA, CCNP, EnCE other cyber security related certifications
+ Familiarity with sleuthing in OSINT
+ Familiarity with working in cloud
+ Networking/System administration experience
+ Experience in scripting languages for databases
+ Bachelor's in computer science or related fields
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
To view the "Know your Rights" poster, CLICK HERE ( .
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
To view Bank of America's Drug-free Workplace and Alcohol Policy, CLICK HERE .
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.
Sydney, Australia;#02-01, Singapore
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge
Refer a friend
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge ( Description:**
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
**What you can expect**
The Cyber Security Operations (CSO) function within Global Information Security enables the various businesses of Bank of America to conduct operations in a secure, trusted, and safe manner by defending the organization and our customers from cyberattacks. Insider Threat Investigators (ITI) within CSO investigates risks and protects against threats posed to the bank by insiders and works closely with peer teams across the enterprise to ensure comprehensive and proactive controls and monitoring are in place to detect and mitigate insider risks.
Insider Threat Investigator is responsible for conducting data analysis of insider threat auditing and monitoring software resources to detect and identify insider risk activities. In addition, they will be required to complete investigations by analyzing and verifying information through various investigative techniques, internal resources, and conversations/interviews with persons of interest. The role will also require regular collaboration with experts in and out of the team, both in country and in other regions, where excellent communication skills will also be necessary.
**What you will do**
+ Conduct investigations by analyzing and verifying information through various investigative techniques, internal resources, and conversations/interviews with persons of interest;
+ Complete written reports in compliance with current reporting procedures and policies. Must have the ability to write detailed, concise, and accurate reports;
+ Ability to manage high risk regional information security incidents by working in conjunction with response partners and other risk teams;?
+ Utilizing next generation tools and technology to conduct deep behavioral analytics assessments/ investigations with a focus on mitigating information security related insider threats;
+ Ability to collect and analyze data from various applications to fulfill an investigation/support request(s)
+ Document each stage of the investigation with clear & concise notes
+ Effectively pivot communication style & verbiage based on audience (i.e. non-technical)
+ Ability to collaborate well with other teams to drive resolution to an investigation, across multiple regions/countries
+ Ability to effectively multi-task between several competing efforts
+ Maintain an awareness of industry challenges and advancements to add value to enhancing processes & technologies
**Your background**
+ 5+ years' work experience with an insider threat focus or technical background that could be applied to understand key insider risk components
+ Curiosity, diversity of thought, critical thinking, willingness to learn, and persistence to identify risk
+ Methodical and systematical approach to utilizing technical tools, applications, etc.
+ Familiarity with Splunk, ENCASE, CrowdStrike and other similar investigative and/or monitoring tools
+ Exceptional written and verbal communication skills to various audiences
+ Mindset of curiosity: not afraid to learn new things
+ Excellent organizational skills to manage caseload, projects and ad hoc requests
+ Experience in conducting complex investigations with an Insider Threat emphasis
+ Knowledge in how to conduct computer forensics
+ Familiarity with participating/driving incident response events
**Desired Skills**
+ An understanding of human behavior / human psychology or investigative background
+ Technical experience with information security / data loss prevention tools or controls such as Intrusion Detection & Prevention technologies (IDS/IPS) and/or SIEM systems and other data correlation engines.
+ Extensive experience in Splunk, ENCASE, CrowdStrike and other similar investigative and/or monitoring tools
+ Certifications - Security+, Network+, CEH, CISSP, CCNA, CCNP, EnCE other cyber security related certifications
+ Familiarity with sleuthing in OSINT
+ Familiarity with working in cloud
+ Networking/System administration experience
+ Experience in scripting languages for databases
+ Bachelor's in computer science or related fields
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
To view the "Know your Rights" poster, CLICK HERE ( .
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
To view Bank of America's Drug-free Workplace and Alcohol Policy, CLICK HERE .
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.
This advertiser has chosen not to accept applicants from your region.
3
Assistant Vice President / Vice President, Digital Forensics, Global Information Security
Sydney, New South Wales
Bank of America
Posted 1 day ago
Job Viewed
Job Description
Assistant Vice President / Vice President, Digital Forensics, Global Information Security
Sydney, Australia;#02-01, Singapore
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge
Refer a friend
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge ( Description:**
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!
Bank of America is seeking to expand and diversify the Digital Forensics and Incident Response (DFIR) capability with adaptable and resilient individuals from a range of different backgrounds and experience.
This role is open to **individuals with up to/between 3 to 5 years of Digital Forensics experience** .
**Required Background and Experience:**
+ Identify, analyse, and present evidential data from workstation orientated systems, including but not limited to systems installed with Microsoft Windows; and
+ Such candidates will have experience in investigating specific facets or workstreams of various incident scenarios/investigations as part of a broader DFIR/investigative team; and
+ This selected candidate will have accumulated some form of generalist or broad knowledge in computing and networking, together with at least a generalist understanding of information security technologies, techniques, and processes; and
+ The ability to participate unsupervised on incidents/investigations from commencement to cessation.
**Knowledge in one or more of the following Digital Forensics, and Incident Response (DFIR) background(s) will be advantageous, though not required:**
+ Knowledge of operating system artefacts, file systems, and inner workings of the following:
+ Microsoft Windows; and/or
+ Apple MacOS; and/or
+ Linux/Unix distributions (distros) with particular focus on RedHat.
+ Cloud and/or containerization technologies (i.e. Docker and Kubernetes) within an enterprise environment.
**Desirable Qualifications and Skills:**
+ Bachelor's degree in a Computer Science, Computer Engineering, Information Security or Cyber/Digital Forensics related discipline; and/or
+ Digital Forensics and Incident Response Certification (i.e. EnCE or related SANS certification, such as GCFA); and/or
+ Cloud related qualification or certification, such as CompTIA Cloud+, or any other related qualification in respect of Microsoft Azure or Amazon Web Services (AWS); and/or
+ Linux Qualification or Certification, such as Red Hat Certified System Administrator (RHCSA); and/or
+ Scripting experience within Windows or Linux environments
**What you will do:**
Not one day is the same for the Cyber Threat Defence (CTD) team and this is especially true for Digital Forensics (DF). Anyone working within the Digital Forensics team can expect the following:
+ Utilising your Digital Forensics and Incident Response skills to participate in incidents or investigations.
+ Discovering unfamiliar technology or data during the midst of an incident or investigation and assessing its relevance to the issues at hand, i.e. stored information, auditing capability, evidential value etc.
+ Leveraging upon your ability to communicate, either written or verbally, in a clear, concise and inclusive manner to technical and non-technical audiences with colleagues, peers and stakeholders.
+ Embracing new or upcoming technologies, and assessing how they could apply or improve upon the way in which the team responds to incidents or investigations.
+ Working alongside a global team with colleagues in the USA, Europe, and Asia-Pacific Region, whilst placing emphasis on collaboration, sharing of ideas or methodologies.
+ Willingness to undertake and share responsibilities through the participation of an on-call schedule.
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
To view the "Know your Rights" poster, CLICK HERE ( .
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
To view Bank of America's Drug-free Workplace and Alcohol Policy, CLICK HERE .
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.
Sydney, Australia;#02-01, Singapore
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge
Refer a friend
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge ( Description:**
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!
Bank of America is seeking to expand and diversify the Digital Forensics and Incident Response (DFIR) capability with adaptable and resilient individuals from a range of different backgrounds and experience.
This role is open to **individuals with up to/between 3 to 5 years of Digital Forensics experience** .
**Required Background and Experience:**
+ Identify, analyse, and present evidential data from workstation orientated systems, including but not limited to systems installed with Microsoft Windows; and
+ Such candidates will have experience in investigating specific facets or workstreams of various incident scenarios/investigations as part of a broader DFIR/investigative team; and
+ This selected candidate will have accumulated some form of generalist or broad knowledge in computing and networking, together with at least a generalist understanding of information security technologies, techniques, and processes; and
+ The ability to participate unsupervised on incidents/investigations from commencement to cessation.
**Knowledge in one or more of the following Digital Forensics, and Incident Response (DFIR) background(s) will be advantageous, though not required:**
+ Knowledge of operating system artefacts, file systems, and inner workings of the following:
+ Microsoft Windows; and/or
+ Apple MacOS; and/or
+ Linux/Unix distributions (distros) with particular focus on RedHat.
+ Cloud and/or containerization technologies (i.e. Docker and Kubernetes) within an enterprise environment.
**Desirable Qualifications and Skills:**
+ Bachelor's degree in a Computer Science, Computer Engineering, Information Security or Cyber/Digital Forensics related discipline; and/or
+ Digital Forensics and Incident Response Certification (i.e. EnCE or related SANS certification, such as GCFA); and/or
+ Cloud related qualification or certification, such as CompTIA Cloud+, or any other related qualification in respect of Microsoft Azure or Amazon Web Services (AWS); and/or
+ Linux Qualification or Certification, such as Red Hat Certified System Administrator (RHCSA); and/or
+ Scripting experience within Windows or Linux environments
**What you will do:**
Not one day is the same for the Cyber Threat Defence (CTD) team and this is especially true for Digital Forensics (DF). Anyone working within the Digital Forensics team can expect the following:
+ Utilising your Digital Forensics and Incident Response skills to participate in incidents or investigations.
+ Discovering unfamiliar technology or data during the midst of an incident or investigation and assessing its relevance to the issues at hand, i.e. stored information, auditing capability, evidential value etc.
+ Leveraging upon your ability to communicate, either written or verbally, in a clear, concise and inclusive manner to technical and non-technical audiences with colleagues, peers and stakeholders.
+ Embracing new or upcoming technologies, and assessing how they could apply or improve upon the way in which the team responds to incidents or investigations.
+ Working alongside a global team with colleagues in the USA, Europe, and Asia-Pacific Region, whilst placing emphasis on collaboration, sharing of ideas or methodologies.
+ Willingness to undertake and share responsibilities through the participation of an on-call schedule.
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
To view the "Know your Rights" poster, CLICK HERE ( .
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
To view Bank of America's Drug-free Workplace and Alcohol Policy, CLICK HERE .
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.
This advertiser has chosen not to accept applicants from your region.
4
Vice President, Senior Cloud Security Controls Enablement Specialist, Global Information Security...
Sydney, New South Wales
Bank of America
Posted 1 day ago
Job Viewed
Job Description
Vice President, Senior Cloud Security Controls Enablement Specialist, Global Information Security, Australia
Sydney, Australia
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge
Refer a friend
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge ( Description:**
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
**Job Overview:**
The Cloud Security Controls Enablement Specialist is responsible for designing, implementing, and managing security controls across multi-cloud environments, with a specific emphasis on Azure and AWS platforms, to ensure the protection of organizational data and systems. This role requires deep expertise in cloud security, architecture principles, and industry standards. The ideal candidate will work closely with various teams to ensure the security of cloud-based applications, data, and infrastructure, particularly on platforms like AWS and Azure.
**Key Responsibilities:**
+ Lead the design and implementation of secure cloud architectures and solutions, ensuring alignment with business objectives and security requirements.
+ Develop and document security architectures in partnership with CST solutions architecture team, including detailed diagrams and written explanations.
+ Evaluate and recommend new cloud security technologies and practices to improve the organization's security posture.
+ Develop and implement security controls for cloud infrastructure (IaaS, PaaS, SaaS) based on industry best practices and compliance requirements.
+ Ensure appropriate security measures are in place to protect against threats, vulnerabilities, and breaches in Azure and AWS environments.
+ Monitor and evaluate the effectiveness of existing cloud security controls and recommend enhancements.
+ Define and implement security controls and policies for cloud environments, ensuring compliance with industry standards (e.g., ISO 27001, NIST, GDPR, HIPAA) and bank security policies.
+ Conduct regular security assessments and audits of cloud environments to identify and mitigate risks.
+ Conduct risk assessments to identify potential security threats and vulnerabilities in cloud environments.
+ Develop risk mitigation strategies and work with relevant teams to implement solutions.
+ Maintain and update risk registers and ensure continuous monitoring of cloud security risks.
+ Ensure compliance with relevant security standards and regulations (e.g., ISO 27001, NIST, GDPR, HIPAA).
+ Develop and maintain documentation for security controls, policies, and procedures.
+ Participate in internal and external audits to demonstrate compliance with cloud security requirements.
+ Provide guidance and training to stakeholders on cloud security best practices and the implementation of security controls.
+ Act as a liaison between the security team and other departments to promote a security-first culture.
+ Collaborate with DevOps, IT, and business teams to integrate security controls into cloud deployments and CI/CD pipelines.
+ Act as a subject matter expert on cloud security architecture, providing guidance and support to various stakeholders.
+ Stay current with emerging cloud security trends, technologies, and best practices.
+ Continuously improve security controls and processes to enhance the organization's security posture.
+ Participate in security research, community engagements, industry forums, and knowledge-sharing initiatives.
**Required Skills:**
+ Strong understanding of cloud security principles and best practices for Azure and AWS platforms.
+ Extensive knowledge of security tools and technologies such as SIEM, IDS/IPS, DLP, firewalls, PKI, and identity management.
+ Experience architecting SIEM systems, threat intelligence platforms, security automation and orchestration.
+ Knowledgeable in network security, including AWS networking primitives, security groups, network access control lists, proxies, firewall and WAF technologies.
+ Experience building and implementing IaC/PaC governance strategies.
+ Experience with cloud and containerized technologies, AKS, EKS, ECS, serverless, Kubernetes and Docker
+ Experience with PKI secrets management platforms (e.g., Azure Key Vault, AWS, KMS, AWS Secrets Manager, HashiCorp Vault).
+ DevSecOps experience building and deploying infrastructure with build and test automation technologies terraform, cloudformation, ansible, docker, jenkins
+ Hands on experience designing and deploying cloud security controls at scale.
+ Extensive knowledge of public cloud service providers and the threats to workloads within those environments
+ Hands-on experience with cloud security solutions, including Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWPP).
+ 5 years of experience in cloud security
+ Currently hold active AWS Security Specialty or Azure AZ-500 certification
+ In-depth understanding of cloud security principles, best practices, and industry frameworks such as OWASP Top 10, NIST, CSA, CIS benchmarks
**Desired Skills:**
+ Relevant industry certifications such as ISC2 and SANS GIAC are highly desirable.
+ Strong communication and interpersonal skills to work effectively with cross-functional teams.
+ Ability to manage multiple projects and priorities in a fast-paced environment.
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
To view the "Know your Rights" poster, CLICK HERE ( .
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
To view Bank of America's Drug-free Workplace and Alcohol Policy, CLICK HERE .
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.
Sydney, Australia
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge
Refer a friend
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge ( Description:**
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
**Job Overview:**
The Cloud Security Controls Enablement Specialist is responsible for designing, implementing, and managing security controls across multi-cloud environments, with a specific emphasis on Azure and AWS platforms, to ensure the protection of organizational data and systems. This role requires deep expertise in cloud security, architecture principles, and industry standards. The ideal candidate will work closely with various teams to ensure the security of cloud-based applications, data, and infrastructure, particularly on platforms like AWS and Azure.
**Key Responsibilities:**
+ Lead the design and implementation of secure cloud architectures and solutions, ensuring alignment with business objectives and security requirements.
+ Develop and document security architectures in partnership with CST solutions architecture team, including detailed diagrams and written explanations.
+ Evaluate and recommend new cloud security technologies and practices to improve the organization's security posture.
+ Develop and implement security controls for cloud infrastructure (IaaS, PaaS, SaaS) based on industry best practices and compliance requirements.
+ Ensure appropriate security measures are in place to protect against threats, vulnerabilities, and breaches in Azure and AWS environments.
+ Monitor and evaluate the effectiveness of existing cloud security controls and recommend enhancements.
+ Define and implement security controls and policies for cloud environments, ensuring compliance with industry standards (e.g., ISO 27001, NIST, GDPR, HIPAA) and bank security policies.
+ Conduct regular security assessments and audits of cloud environments to identify and mitigate risks.
+ Conduct risk assessments to identify potential security threats and vulnerabilities in cloud environments.
+ Develop risk mitigation strategies and work with relevant teams to implement solutions.
+ Maintain and update risk registers and ensure continuous monitoring of cloud security risks.
+ Ensure compliance with relevant security standards and regulations (e.g., ISO 27001, NIST, GDPR, HIPAA).
+ Develop and maintain documentation for security controls, policies, and procedures.
+ Participate in internal and external audits to demonstrate compliance with cloud security requirements.
+ Provide guidance and training to stakeholders on cloud security best practices and the implementation of security controls.
+ Act as a liaison between the security team and other departments to promote a security-first culture.
+ Collaborate with DevOps, IT, and business teams to integrate security controls into cloud deployments and CI/CD pipelines.
+ Act as a subject matter expert on cloud security architecture, providing guidance and support to various stakeholders.
+ Stay current with emerging cloud security trends, technologies, and best practices.
+ Continuously improve security controls and processes to enhance the organization's security posture.
+ Participate in security research, community engagements, industry forums, and knowledge-sharing initiatives.
**Required Skills:**
+ Strong understanding of cloud security principles and best practices for Azure and AWS platforms.
+ Extensive knowledge of security tools and technologies such as SIEM, IDS/IPS, DLP, firewalls, PKI, and identity management.
+ Experience architecting SIEM systems, threat intelligence platforms, security automation and orchestration.
+ Knowledgeable in network security, including AWS networking primitives, security groups, network access control lists, proxies, firewall and WAF technologies.
+ Experience building and implementing IaC/PaC governance strategies.
+ Experience with cloud and containerized technologies, AKS, EKS, ECS, serverless, Kubernetes and Docker
+ Experience with PKI secrets management platforms (e.g., Azure Key Vault, AWS, KMS, AWS Secrets Manager, HashiCorp Vault).
+ DevSecOps experience building and deploying infrastructure with build and test automation technologies terraform, cloudformation, ansible, docker, jenkins
+ Hands on experience designing and deploying cloud security controls at scale.
+ Extensive knowledge of public cloud service providers and the threats to workloads within those environments
+ Hands-on experience with cloud security solutions, including Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWPP).
+ 5 years of experience in cloud security
+ Currently hold active AWS Security Specialty or Azure AZ-500 certification
+ In-depth understanding of cloud security principles, best practices, and industry frameworks such as OWASP Top 10, NIST, CSA, CIS benchmarks
**Desired Skills:**
+ Relevant industry certifications such as ISC2 and SANS GIAC are highly desirable.
+ Strong communication and interpersonal skills to work effectively with cross-functional teams.
+ Ability to manage multiple projects and priorities in a fast-paced environment.
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
To view the "Know your Rights" poster, CLICK HERE ( .
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
To view Bank of America's Drug-free Workplace and Alcohol Policy, CLICK HERE .
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.
This advertiser has chosen not to accept applicants from your region.
5
Vice President, Business Support Manager, Chief Operating Office, APAC Global Information Security
Sydney, New South Wales
Bank of America
Posted 1 day ago
Job Viewed
Job Description
Vice President, Business Support Manager, Chief Operating Office, APAC Global Information Security
Sydney, Australia
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge
Refer a friend
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge ( Description:**
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
**Job Description:**
Global Information Security helps to assess threats and provide scalable and flexible solutions to actively manage these threats and specific risks to the Bank.
The Business Support Manager will be part of the APAC GIS COO team providing operational and delivery expertise with a focus on strategy, financials, driving information security awareness and rigor to meet business requirements and goals, while addressing the agreed risk tolerances of the business environment.
The successful candidate will be able to work both individually and as part of a team, bringing an organized and disciplined, but creative and energetic enthusiasm to building a best-in-class organization.
**Responsibilities**
+ Execute responsibilities covering Business Management, Resource & Finance Management and Process Improvements
+ Act as Operational Excellence champion in the region and work closely with the Process Excellence team and senior GIS leaders to facilitate the execution of the Enterprise Process Management Policy
+ Support global and regional ad-hoc/project-based initiatives in execution
+ Analyze and identify gaps for in-region execution of processes and controls with GIS functional teams; ensure remediation of any controls gaps linked to in-region execution
+ Facilitate strategic level discussions under the guidance of the Regional Information Security Office (RISO) leadership team to achieve organizational outcomes
+ Provide regular management business updates on actions plans aligned to strategic goals
+ Be flexible, demonstrate desire to learn and to be able deal with ambiguity and uncertainty.
+ Build effective, capable teams through continuous technical training, coaching and leadership development
**Required Skills**
+ A seasoned business manager with exceptional communication skills, attention to detail, and a drive to make time, information, and decision-making more effective.
+ Comfortable in translating complex technical details into simplified presentation proposals to communicate and gain approvals from senior leadership or business representatives;
+ You have experience with a wide range of business management activities and initiatives including but not limited to finance/budgets, key MI metrics and status reporting, stakeholder and internal/external presentations and reporting
+ Ability to work with stakeholders in business and technology groups who are based in various locations as required by the projects;
+ Be assertive, inquisitive, and creative to assure timely outcomes whilst maintaining humility, maturity, and situational sensitivity.
+ You are able to work independently and as part of a team to tight deadlines and changing priorities
+ You will have had exposure to regulatory frameworks and risk management concepts and have ideally supported business continuity management in a technology environment
+ Strong project management, multitasking and organizational skills with enhanced knowledge on productivity suites (e.g. MS Office tools, Confluence, JIRA etc)
+ Applicable knowledge of enterprise cybersecurity policies, regulations and security frameworks.
+ Certifications in Project Management and/or information security highly desirable
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
To view the "Know your Rights" poster, CLICK HERE ( .
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
To view Bank of America's Drug-free Workplace and Alcohol Policy, CLICK HERE .
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.
Sydney, Australia
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge
Refer a friend
**To proceed with your application, you must be at least 18 years of age.**
Acknowledge ( Description:**
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
**Job Description:**
Global Information Security helps to assess threats and provide scalable and flexible solutions to actively manage these threats and specific risks to the Bank.
The Business Support Manager will be part of the APAC GIS COO team providing operational and delivery expertise with a focus on strategy, financials, driving information security awareness and rigor to meet business requirements and goals, while addressing the agreed risk tolerances of the business environment.
The successful candidate will be able to work both individually and as part of a team, bringing an organized and disciplined, but creative and energetic enthusiasm to building a best-in-class organization.
**Responsibilities**
+ Execute responsibilities covering Business Management, Resource & Finance Management and Process Improvements
+ Act as Operational Excellence champion in the region and work closely with the Process Excellence team and senior GIS leaders to facilitate the execution of the Enterprise Process Management Policy
+ Support global and regional ad-hoc/project-based initiatives in execution
+ Analyze and identify gaps for in-region execution of processes and controls with GIS functional teams; ensure remediation of any controls gaps linked to in-region execution
+ Facilitate strategic level discussions under the guidance of the Regional Information Security Office (RISO) leadership team to achieve organizational outcomes
+ Provide regular management business updates on actions plans aligned to strategic goals
+ Be flexible, demonstrate desire to learn and to be able deal with ambiguity and uncertainty.
+ Build effective, capable teams through continuous technical training, coaching and leadership development
**Required Skills**
+ A seasoned business manager with exceptional communication skills, attention to detail, and a drive to make time, information, and decision-making more effective.
+ Comfortable in translating complex technical details into simplified presentation proposals to communicate and gain approvals from senior leadership or business representatives;
+ You have experience with a wide range of business management activities and initiatives including but not limited to finance/budgets, key MI metrics and status reporting, stakeholder and internal/external presentations and reporting
+ Ability to work with stakeholders in business and technology groups who are based in various locations as required by the projects;
+ Be assertive, inquisitive, and creative to assure timely outcomes whilst maintaining humility, maturity, and situational sensitivity.
+ You are able to work independently and as part of a team to tight deadlines and changing priorities
+ You will have had exposure to regulatory frameworks and risk management concepts and have ideally supported business continuity management in a technology environment
+ Strong project management, multitasking and organizational skills with enhanced knowledge on productivity suites (e.g. MS Office tools, Confluence, JIRA etc)
+ Applicable knowledge of enterprise cybersecurity policies, regulations and security frameworks.
+ Certifications in Project Management and/or information security highly desirable
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
To view the "Know your Rights" poster, CLICK HERE ( .
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
To view Bank of America's Drug-free Workplace and Alcohol Policy, CLICK HERE .
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.
This advertiser has chosen not to accept applicants from your region.
Be The First To Know
About the latest Information security Jobs in Australia !
6
Senior ICT Security Specialist
2600 Canberra, Australian Capital Territory
PowerData Group Consulting
Posted 12 days ago
Job Viewed
Job Description
Estimated start date
Thursday, 25 September 2025
Initial contract duration
18 months
Extension term
12 months
Number of extensions
2
Maximum number of candidates per seller
5
Experience level
Senior - APS6 equivalent
Location of work
ACT, QLD, VIC, WA
Working arrangements
Onsite
Working arrangements will be at the discretion of the assigned work area, subject to operational need. Due to the nature of ASD’s operations, not all work areas can accommodate work from home. Most roles are based in Canberra. However, ASD may be able to accommodate candidates in the Melbourne, Brisbane or Perth facilities. No other locations will be considered.
Maximum hours
40 hours per week
Security clearance
Must be able to obtain Negative Vetting Level 1
Job details
ASD requires multiple APS6 equivalent ICT Security Specialists to fill positions across the organisation. A merit pool will be created for future positions that may arise.
Must have either, NV1, NV2 and PV positions required. Candidates selected must hold a current AGSVA clearance to commence to contract with ASD. Please clearly indicate the level held within your responses.
ICT Security Specialists implement, manage and retire the infrastructure (including physical, virtual, networking and cloud infrastructure) that supports digital services. They also undertake complex technical assessment activities to ensure capabilities adhere to required security standards.
ICT Security Specialists will work independently with the opportunity for reasonable autonomy and accountability for the achievement of outcomes of their work. They will exercise both initiative and judgement in the interpretation of policy and in the application of practices and procedures. They will provide detailed information security technical, professional and policy advice in relation to complex work and contribute to strategic planning, program and project management and policy development.
Position will require OSA prior to engagement. Further information on the OSA is available at:Key duties and responsibilities
Accountable to conduct security risk assessments and provide advice and guidance on the application and operation of procedural security controls.Responsible for ensuring that all identified breaches in information security are promptly managed according to the Australian Signals Directorate policies and procedures.Understand the security features and capabilities of current Australian Signals Directorate and industry accepted hardware and software products and provide advice to stakeholders.Use experience to explain systems security and the strengths and weaknesses that are relevant across the Australian Signals Directorate.Tailor communication style and language to provide guidance on security strategies to manage identified risks.Facilitate appropriate direction for the team by clearly communicating goals and objectives.Interpret security policy and contribute to the development of standards and guidelines that comply with the Australian Signals Directorate policy and procedures.Analyse and resolve identified security incidents in accordance with established procedures and recommend any required actions.Lead the application and compliance of security operations procedures and review information systems for actual or potential breaches in security.Build and sustain effective working relationships with team members and actively participate in teamwork and group activities.Technical Skills:
Certification as an Infosec Registered Assessors Program (IRAP) AssessorExperience ensuring technical systems adhere to Essential Eight, ISM, and PSPF frameworksProven ability to communicate complex technical systems to non-technical audiencesExcellent organisational & communication skillsProven record building, managing, & enhancing relationships with stakeholdersExperience developing, managing, and implementing SOPs & procedures in support of security accreditation frameworksAbout the organisation
The Australian Signals Directorate (ASD) is a statutory agency in the Defence portfolio that defends Australia against global threats and advances our national interests through the provision of foreign signals intelligence, cyber security and offensive cyber operations as directed by the Australian Government.
Criteria
The buyer has specified that each candidate must provide a response to each criterion. Each response is limited to 3000 characters.
Essential criteria
1. SCAD 3 - Security operations: Level 3 (SFIA) Investigates minor security breaches in accordance with established procedures. Assists users in defining their access rights and privileges. Performs non-standard operational security tasks. Resolves security events and operational security issues.
2. SCAD 4 - Security operations: Level 4 (SFIA) Maintains operational security processes and checks that all requests for support are dealt with according to agreed procedures. Provides advice on defining access rights and the application and operation of elementary physical, procedural and technical security controls. Investigates security breaches in accordance with established procedures and recommends required actions. Provides support and checks that corrective actions are implemented.
3. SCTY 4 - Information security: Level 4 (SFIA) Provides guidance on the application and operation of elementary physical, procedural and technical security controls. Explains the purpose of security controls and performs security risk and business impact analysis for medium complexity information systems. Identifies risks that arise from potential technical solution architectures. Designs alternate solutions or countermeasures and ensures they mitigate identified risks. Investigates suspected attacks and supports security incident management.
4. INAS 4 - Information assurance: Level 4 (SFIA) Performs technical assessments and/or accreditation of complex or higher-risk information systems. Identifies risk mitigation measures required in addition to the standard organisation or domain measures. Establishes the requirement for accreditation evidence from delivery partners and communicates accreditation requirements to stakeholders. Contributes to planning and organisation of information assurance and accreditation activities. Contributes to development of and implementation of information assurance processes.
Additional requirements
1. What level of security clearance do you hold and provide your AGSVA CSID?
This advertiser has chosen not to accept applicants from your region.
7
SAP GRC Security Consultant - Contract - Sydney
2000 Sydney, New South Wales
Hastha Solutions
Posted 16 days ago
Job Viewed
Job Description
Urgent requirement of SAP GRC Security Consultant - Contract - Sydney Requirements Design and Build Security Roles in SAP S/4HANATroubleshoot access issues in SAP S/4HANA Security Roles (including Fiori)Configure SAP GRC Access Control 12.0 (ARA, BRM, EAM, ARM) and troubleshoot BRF+, MSMP IssuesPerform regular SOD Analysis for Roles, Users and provide mitigation/remediation recommendationsExecute GRC Reports (User Access Review, FFID Log Review, Pending Access Request Reports etc.,)Troubleshoot SAP IDM Integration issues from GRC sideAccess Management using SAP IDM UISupport Internal and External Audits independentlyVery Good Communication Skills Duration: 6 Months and possible extension Eligibility: Australian/NZ Citizens/PR Holders only Email:
This advertiser has chosen not to accept applicants from your region.
8
Cyber Security Manager
2600 Canberra, Australian Capital Territory
PowerData Group Consulting
Posted 17 days ago
Job Viewed
Job Description
Location: Remote Security Clearance :Australian Citizen must have NV2Position Overview: The Cyber Security Manager is part of the Engineering Support Team, working under the guidance of the Deputy Chief Engineer. This role involves leading a team focused on mitigating cyber security risks across various internal products. The manager will provide support services, expert advice, and reporting on hardware and software vulnerabilities, cyber supply chain risk management, defensive cybersecurity measures, incident response, and specialized consultations.You will insure compliance with relevant financial, legislative, and departmental policies, as well as defence directives and standards.Key Responsibilities: Manage vulnerability assessment activities, communicate with stakeholders, and prepare reports on both software and hardware components across all products.Develop and maintain the Cyber Supply Chain Risk Management Plan.Lead the development and enhancement of Security Operations Center (SOC) capabilities and oversee SOC analysts.Plan, execute, and report on threat hunting initiatives.Oversee Cyber Security Operations, including creating and updating Standard Operating Procedures.Analyse and apply Cyber Threat Intelligence (CTI) to organizational products.Engage with cyber security stakeholders within the Defence Digital Group and the broader Defence Department.Lead internal cyber security training programs.Stay current with emerging cyber security threats and issues, providing briefings and education to internal teams.Offer specialized ICT security advice during product design, development, and testing phases.Develop, implement, and maintain Incident Response Plans.RequirementsEssential Experience & Skills: Experience in ICT Security Governance, Risk, and Compliance (GRC) or equivalent.Skills in open-source intelligence analysis, risk assessments, and technical reporting.Background in SOC-based cyber incident response, both as an analyst and manager.Expertise in threat modelling, threat hunting, and incident management.Proficiency in SIEM tuning and optimization.Experience conducting supply chain risk assessments and reporting.Skills in vulnerability assessment and management.Desirable Qualifications & Skills: Previous role within a Security Operations Centre (SOC).Knowledge of MITRE ATT&CK framework.Experience with SCAP, STIG, and CIS security standards.Familiarity with Agile/Scrum project methodologies.Knowledge of DevSecOps and CI/CD pipeline security.Skills in digital forensics for networks and hosts.Experience in SIEM design and deployment.Understanding of container security controls and logging.Prior experience with the Australian military or Department of Defence.Collaboration with Australian intelligence agencies.Additional Information: This contract offers extension options, which will be discussed as needed. Candidates must complete the attached criteria statement and submit it along with their CV, providing relevant examples demonstrating their skills and experience.
This advertiser has chosen not to accept applicants from your region.
9