Cloud Security Control Lead

5 days ago

Melbourne, Victoria, Australia Commonwealth Bank Full time
Cloud Security Control Lead (Senior Manager)Overview

The Cyber Controls Chapter Area plays an important function within the Group Security division, responsible for designing and deploying effective cyber control capabilities and overseeing continuous improvement of the Group's cyber risk profile.

As an organisation with a large IT estate servicing millions of customers every day, we need to ensure effective mitigations are in place to defend our assets against an ever-evolving cyber threat environment. The Control Lead Cloud Security is tasked with ensuring control capabilities are in place to identify security weaknesses and mitigate cyber threats to cloud-based asset classes (IaaS, PaaS, SaaS, containers) across the Group.

Working arrangements

We support our people with the flexibility to balance where work is done, with at least half your time each month connecting in office. We also have many other flexible working options available including changing start and finish times, part-time arrangements and job share. Talk to us about how these arrangements might work for you.

Responsibilities
  • Supporting Technology Crew Leads, Product Owners and Enterprise Architects in setting the control capability roadmap for cloud security, overseeing control operation, and delivery of control remediation to achieve target risk outcomes.
  • Establishing and maintaining cloud security standards and guidelines to align with changes in industry standards, technology strategy and threat intelligence.
  • Governing the Group's compliance with Cloud Security control requirements and supporting the business in tracking remediation of critical security weaknesses and improvement of overall risk posture.
  • Carrying out control effectiveness assessments, identifying control weaknesses and driving appropriate risk remediation across business-owned cloud-based assets.
  • Establishing automated control performance monitoring capabilities to support cloud security assurance over business-aligned technology services.
What you will bring
  • Embody the leadership principle of 'Curious and Humble' by being willing to speak up and challenge the status quo, and continually expand their skills and knowledge.
  • Expertise in cloud governance.
  • Knowledgeable about cyber threats and vulnerabilities relevant to cloud-based technologies.
  • Ability to analyse threat intelligence, identify potential risks, prioritise vulnerabilities, and recommend appropriate mitigations (Identity & Access Management, Cryptography, Secure Configuration, Data Security, Vulnerability Management, CIEM, CNAPP, CSPM, SSPM).
  • Experience working with cloud security enterprise solutions and implementing security tools in large and complex IT environments.
  • Ability to operate effectively in an agile environment with autonomy and self-initiate to achieve target outcomes.
  • Demonstrated ability to engage and influence stakeholders to build rapport, obtain buy-in and achieve target outcomes.
Desirable technical skills
  • Understanding of hybrid and cloud-native environments (e.g., AWS, Azure) and how security controls apply to them.
  • Applied knowledge of ASD ISM, NIST CSF, CIS and ACSC Essential Eight cyber mitigation strategies.
  • Proficiency in SSPM, CSPM, CNAPP, CIEM.
  • Experience with vulnerability prioritisation frameworks (e.g., CVSS, EPSS).
  • Understanding of web application vulnerabilities (e.g., OWASP Top Ten).
  • Security certifications: AWS/Azure security; CISSP, CISM.

Advertising End Date: 03/09/2025

#J-18808-Ljbffr

  • Cloud Security Control Lead

    5 days ago

    Melbourne, Victoria, Australia Commonwealth Bank Full time

    Cloud Security Control Lead (Senior Manager)OverviewThe Cyber Controls Chapter Area plays an important function within the Group Security division, responsible for designing and deploying effective cyber control capabilities and overseeing continuous improvement of the Group's cyber risk profile.As an organisation with a large IT estate servicing millions of...

  • Cloud Security Architect Lead

    3 days ago

    Melbourne, Victoria, Australia beBeeCloudSecurity Full time $160,000 - $190,000

    Cloud Security Leadership OpportunityAs a seasoned cloud security professional, you will lead the design and implementation of cloud security controls to protect organizational assets from cyber threats.Key Responsibilities:Establish and maintain cloud security standards and guidelines.Govern compliance with cloud security control requirements.Support...

  • Cloud Security Programme Lead

    6 days ago

    Melbourne, Victoria, Australia beBeeGovernance Full time $126,000 - $193,000

    A highly sought-after professional is required to lead the security program, overseeing certification, accreditation, assurance and authorisation activities across the cloud capability.Key ResponsibilitiesGuide assurance and authorization activities for all components within the cloud capability, ensuring adherence to standards and protocols.Collaborate with...

  • Cloud Security Specialist

    4 days ago

    Melbourne, Victoria, Australia beBeeCloudSecurity Full time $180,000 - $250,000

    Cloud Security Leadership RoleThe Cyber Controls Chapter Area plays a critical function within the Group Security division, responsible for designing and deploying effective cyber control capabilities and overseeing continuous improvement of the Group's cyber risk profile.We need to ensure effective mitigations are in place to defend our assets against an...

  • Cloud Security Leader

    2 days ago

    Melbourne, Victoria, Australia beBeeCloud Full time $145,000 - $188,000

    Cloud Security Leadership OpportunitySeeking an experienced cybersecurity risk and control professional to lead our cloud security efforts.About the RoleAchieve target risk outcomes by supporting Technology Crew Leads, Product Owners, and Enterprise Architects in setting the control capability roadmap for cloud security, overseeing control operation, and...

  • Cloud Security Specialist

    2 days ago

    Melbourne, Victoria, Australia beBeeCloudSecurity Full time $1,494,450 - $1,683,335

    Cloud Security Incident Response Senior Analyst PositionYou are a seasoned professional with expertise in cloud security, specializing across AWS and Azure services and solutions.As a member of our largest Cyber Security team, you will contribute to building tomorrow's bank today, using world-leading engineering, technology, and innovation.Your...

  • Cloud Security Governance Specialist

    3 days ago

    Melbourne, Victoria, Australia beBeeCloudSecurity Full time $200,000 - $240,000

    Cloud Security Control LeadThe Cyber Controls Chapter Area plays a pivotal role within the Group Security division, accountable for designing and deploying effective cyber control capabilities, as well as overseeing continuous improvement of the Group's cyber risk profile.To ensure effective mitigations are in place to defend our assets against an evolving...

  • Cloud Security Leader

    3 days ago

    Melbourne, Victoria, Australia beBeeSecurity Full time $180,000 - $240,000

    Cloud Security Leadership RoleA strategic position leading the security assurance program for cloud services in Australia. You will be responsible for ensuring the security of cloud infrastructure, which will lead towards achieving overall milestone outcomes for a region.Key Responsibilities:Lead the Security Assurance team for all components within the...

  • Cloud Security Specialist

    1 day ago

    Melbourne, Victoria, Australia beBeeSecurity Full time $150,000 - $180,000

    Cloud Security Specialist - AWS ComplianceAs a Cloud Security Specialist, you will play a key role in ensuring the security posture of our cloud capability.Serve as the security lead for designated components within the cloud capability, performing assurance and authorization activities to ensure adherence to industry standards and protocols.Collaborate with...

  • Cloud Security Specialist

    3 days ago

    Melbourne, Victoria, Australia beBeeCompliance Full time $160,000 - $230,000

    Job Summary:We are seeking a seasoned security professional to lead assurance and authorization activities across our cloud security program.The ideal candidate will have a strong understanding of regulatory landscapes, cloud technologies, and experience in security compliance. They will serve as the security specialist for designated components within the...