See job description for details
First a bit about ANZ
At ANZ, everything we do boils down to ‘why’ – our purpose – to shape a world where people and communities thrive. We're just as focused on seeing our people thrive as well as our customers. We'll give you every opportunity to develop your career.
We are responding faster to changing customer requirements, focusing on the things that matter the most, energising our people, eliminating waste and reducing bureaucracy.
ANZ has started to move to a new way of working, leveraging agile practices. To understand more about this new way of working and if this role is right for you, we strongly encourage you to take a look at The ANZ Way vimeo channel where you’ll find The ANZ Way animation and the New Ways of Working animation. Our Mission
The purpose of the Group Payments Tech Area is to transform Payments by fortifying existing platforms, simplifying and standardising processes and technology and by enabling our business through reusable end-to-end services.
As a Security Vulnerabilities and Patching Engineer you will be actively involved in the monitoring and reporting of security vulnerabilities identified through various methods of scanning and tests and will assist the Payments organisation with triaging and remediation activities to reduce risks within the Tech Area’s security posture.
Within Payments Technology you will be a member of the Payments Support Site Reliability Engineer (PSSRE) team. As a member, you will share ideas and knowledge and partner with your Leads to uplift the capability of the chapter Who are you? A team player
– You know we only win if we all win. You recognise and value the different perspectives and skills your colleagues bring. It is not about being a hero but jumping in and contributing to the successful delivery of the team’s mission The customer’s biggest fan
– You demonstrate a thirst for better understanding the customer and define the problem and develop solutions through their eyes Comfortable being uncomfortable
– You are comfortable with uncertainty and have the ability to effectively manage yourself through ambiguity and change Continuous improvement junkie
– You constructively challenge the status quo, look for better ways to do things and passionately advocate continuous improvement Committed to your own and other’s growth
– You strive to stretch and grow yourself and others by identifying your own development areas, seeking feedback and providing feedback to others to help them learn and grow everyday A problem solver
– You are energised by tackling complex problems and use critical thinking, your network, skills, knowledge, and available data to drive better outcomes for our customers and the bank Risk savvy
– You build sustainable solutions that protect customers, stakeholders and the community What you bring to the role?
You will also have the following specialised skills:
- A strong understanding of information security plans and policies.
- Be proactive in monitoring, tracking, and mitigating security risks to drive improvements to security posture.
- Develop and implement an ongoing security vulnerabilities and patching program for key assets across the Payments Tech area.
- Provide awareness training on information security standards, policies and best practices.
- An effective communicator who can partner with Assurance and Risk teams to support, review, and report on issues and to co-ordinate remediation.
- Solid knowledge of ANZ payments and payments business related drivers.
- Knowledge of the technical systems that support the payments business
- Expertise with code, malicious code and secure software engineering practices.
- Knowledge of risk assessment tools, technologies and methods.
- Knowledge of secure networks design, systems and application architecture.
- Knowledge of Disaster Recovery, computer forensic tools, technologies and methods.
- Able to plan, research and develop security policies, standards and procedures.
- Understand system administration, multiple platforms and applications.
- Endpoint security solutions, including file integrity monitoring.
- Understand various cloud infrastructure (AWS, GCP and Azure security).
- Experienced with FSI regulatory frameworks (APRA, RBNZ, RBA,MAS).
It is desirable that candidates have one or more of the following qualifications and/or certifications:
At ANZ we aim to create an inclusive environment where employee differences such as gender, age, culture, disability, sexual orientation, family and caring responsibilities and religion are valued. We work flexibly at ANZ. Talk to us and let us know how this role can be flexible for you.
- Industry experience in an information security function.
- Certified Information Systems Security Professional (CISSP).
- CISM – Certified Information Security Manager (CISM).
- CISA – Certified Information Security Auditor
- The Security & Vulnerabilities Engineer is also expected to know compliance standards such as ISO-27000.
This opportunity is located at 839 Collins Street, Docklands VIC