This role is part of the IT Cyber Strategy & Planning team, shaping the cybersecurity roadmap for cyber defence platforms and driving continuous improvement.
Responsibilities
* Lead the architecture, design, and implementation of the Bank's security operations platforms, including SIEM, SOAR, EDR, XDR capabilities, and vulnerability and attack surface management platforms.
* Provide architecture leadership across key cyber security technologies such as Microsoft Defender, Microsoft Sentinel, and Tenable, ensuring effective capability integration across the Bank's technology environment.
* Collaborate closely with Cyber Defence Operations, Vulnerability Management, Offensive Security, and Threat Intelligence teams to ensure cyber platforms deliver strategic and operational outcomes.
* Design and review secure technology solutions aligned with enterprise security standards and regulatory frameworks, including ACSC ISM, ISO 27001, and CPS 234.
* Conduct and oversee security risk assessments for technology solutions, supporting stakeholders to understand risks, mitigation strategies and architectural decisions.
* Provide technical guidance and architectural direction to security architects, engineers and project teams across cyber capability initiatives.
* Contribute to the development and maintenance of security reference architectures, standards and patterns supporting the Bank's cyber defence capabilities.
* Partner with cyber and technology teams as well as project stakeholders to ensure initiatives are scoped and delivered in alignment with enterprise architecture and cyber strategy objectives.
Qualifications
* Extensive experience in two or more of the following areas within complex enterprise environments: security operations, digital forensics and incident response, offensive security, and vulnerability and posture management.
* Practical experience with security operations technologies, including SIEM, SOAR, EDR/XDR, vulnerability management, and threat intelligence platforms.
* Strong understanding of cyber risk assessment methodologies and cyber risk management and control frameworks such as Essential Eight, ASD ISM, and NIST CSF.
* Excellent stakeholder engagement capability, with the ability to clearly articulate security risks and architecture decisions to both technical and business audiences.
* Proven ability to drive cross-functional collaboration across cyber, technology and business teams within large, complex organisations.
* Tertiary qualifications in a relevant field such as Cybersecurity, Computer Science, or Information Technology.
* Recent professional certifications such as SANS, CISSP, SABSA, or TOGAF are highly regarded.
* Candidates must be Australian Citizens or eligible for NV1 security clearance.