We’ve got locations across the motu and offer various types of flexible and remote working options. So, whether you’re looking for a role in Banking, Risk, Finance, or something else, browse our current vacancies to find the right job for you. If you don’t see what you’re looking for, bookmark this page, and check back soon.
Information Security Lead
Listed 2 days Ago
TSB
Banking
This position is crucial in assisting with the protection of the Bank's assets and information by offering consultancy guidance and hands-on support regarding information security risks and controls. It promotes the business benefits of effectively and efficiently managing information security risks while spearheading the execution of security enhancement initiatives. You will oversee security across the bank, providing insights on security architecture, vendor compliance, vulnerability management, related regulatory updates, industry developments, emerging threats, and employee training.
You will collaborate with the CISO to establish suitable information security controls that meet the Bank's requirements in line with security policies and standards, risk management, risk appetite, best practices, and regulatory demands. This involves integrating with the Bank's broader policies and procedures concerning incident response and formulating contingency plans for situations that could disrupt operations or damage the Bank's reputation.
In this role, you can expect to:
- Leadership, Collaboration & Culture – Act as a leader and advocate for information security within your team, among peers, the Bank, and with key stakeholders. Partner with Technology, Audit, Risk, Legal, Procurement, and the broader business to ensure that a cyber-resilient culture is integral to all operations at the Bank. Working with your team, you will foster a culture of cyber resilience, ensuring that everyone has the necessary training and awareness to perform their roles in maintaining cyber resilience.
- Information Security Consulting, Policies & Reporting – Assist in ensuring that information security controls are firmly established throughout the Bank. This includes advocating for and consulting on information security issues while engaging with change initiatives to provide security guidance throughout the change lifecycle. Support the CISO in keeping policies, standards, and guidelines current to offer direction to the Bank and its partners.
- Information Security Risk Management & Threat Awareness – Collaborate with the Technology Risk and the Bank's Risk divisions to ensure that relevant information security risks and controls are identified and appropriately managed. This encompasses proactively spotting new risks within the Bank, adjusting or developing new controls, staying informed about emerging cyber threats, and liaising with industry regulators and partners.
- Strategy, Architecture & Roadmap – Work together with the CISO to formulate the Bank's information security strategy. This should include security architecture definitions and practices that embed sound information security protocols and controls throughout the Bank.
- Security Program Delivery & Enhancements – Lead and contribute to a continuous improvement program in information security that clearly identifies and monitors enhancements according to an agreed framework of controls.
- Security Assurance – Contribute to an assurance framework that works collaboratively with internal teams for self-assessment and continuous evaluation, as well as external assessments including those from regulators and independent testers.
We are looking for candidates who have:
- 5+ years of experience in information security and risk management role.
- Professional Certifications such as CISSP, CISM, CISA, CRISC etc.
- Experience working in the financial services industry desired.
- Good understanding of the information security processes, concepts and best practices.
- Knowledge of information security frameworks or standards such as NIST CSF, ISO 27000 series, ITIL as well as controls management.
- Experience working with RBNZ & FMA guidelines, AML/CFT requirements, and New Zealand’s Privacy Act 2020.
What’s in it for me?
At TSB, we’re small enough to really care about our customers but big enough to have great rates, innovative products, and digital solutions. We are looking for people to help us achieve our goal of being the easiest bank to deal with.
By working with us, you’ll be a part of a profit for purpose organisation. We’re 100% owned by Toi Foundation, a philanthropic trust, and our annual dividends contribute to Toi’s transformational impact in our community.
Closing date for applications is 5.00 p.m. Tuesday 11th February 2025.
Applications will be reviewed as they come in.
