Security Analyst for Information Security Policy

**Req ID**: 68445
**Department**: Tech Security Strategy, Portfolio & Operations
**Division**: Technology
**Location**: Melbourne
About Us

About the Role

As a Security Analyst in our Information Security Policy, Compliance and Controls team, you’ll play a key role in helping to provide ongoing development and management of information security policy, standards and controls as per regulatory requirements and industry best practices. You will support risk assessments and provide risk insights to various risk forums. You will also lead regulatory interactions and external audits and must possess excellent stakeholder management skills, with strong influencing and relationship building ability.

Banking is changing and we’re changing with it, giving our people great opportunities to try new things, learn and grow. Whatever your role at ANZ, you’ll be building your future, while helping to build ours.

**Role Location**: Melbourne

**Role Type**: Permanent, Full-time

What will your day look like?

**As a Security Analyst, you are responsible for**:
Helping business units in adopting information security as a risk theme to manage risks associated with cyber threats and data loss.
Deep understanding of security risk assessment frameworks, assessments, aggregation and reporting.
Championing information security policies, standards, controls, and processes so that regulatory compliance requirements are addressed as part of business-as-usual operations.
Providing analysis and insights into data supporting the effectiveness of technical and process-based security controls.
Working with different regulatory authorities for adopting and complying with their security requirements.
Creating and maintaining well-defined Information Security policies, standards and controls aligning to regulatory requirements and industry best practices.
Scoping and responding to security questionnaires from ANZ clients.
Process mapping
Excellent stakeholder management skills, with strong influencing and relationship building ability.
What will you bring?
Tertiary qualified with extensive years of relevant experience and preferably hands-on experience in information security principles and practices, general procedures, and guidelines in complex and challenging business environment.
Deep understanding of information security industry standards and best practices (e.g. ISO27001, NIST CSF, NIST SP800-53, PCI DSS etc).
Good understanding of APRA CPS 234 and CPG 234.
“T-shaped individual” - Possess a breadth of knowledge in many fields, but also have depth in Information Security Governance, Risk and Compliance concepts and practices.
Ability to form and own opinions, including challenge on compliance arrangements where appropriate.
Ability to build and maintain relationships with internal and external stakeholders including excellent negotiating, influencing and conflict management skills.
Strong verbal and written communication skills, presentation skills, ability to take a lead in workshops and drive meaningful outcomes.
Strong stakeholder engagement skills and ability to build and maintain relationships.
Willingness to look at things differently, challenge the status quo and innovate.
Proven analytical skills and evidence-based decision making.
A ‘growth mindset’ and ability to identify opportunities for continuous improvement.
Comfortable dealing with ambiguity.
Experience with and understanding of security, governance, risk, and compliance concepts.
Exposure to Agile methodologies and experience with Agile tools such as Confluence and Jira.
So why join us?

From the moment you join ANZ, you'll be doing meaningful work that will shape a world where people and communities thrive.

But it's not just our customers who'll feel your impact. you'll feel it too. Because at ANZ, you'll have the resources, opportunities, and support you need to take the next big step in your career.

We're a diverse bunch at ANZ in different roles, different locations, doing different things. That's why we have a range of flexible working arrangements, so our people can 'make work, work for them'. We also provide a range of benefits including access to health and wellbeing services and discounts on selected products and services from ANZ and more.