Head of Security, Governance

Head of Security, Governance & Risk

**Head of Security, Governance & Risk**

**Job no**: 794100

**Business unit**: Technology and Enterprise Operations

**Primary position location**: 700 Bourke St, Docklands, VIC

**Work type**: Permanent Full time

**Region**: VIC- Melbourne CBD

Take a leadership role where you'll inspire and energise your team
- Bring your ideas, ambitions, and passions - both in and outside of work
- Your work at NAB changes the future of banking and you will be part of a team that is solving society's biggest challenges

**It's more than a career at NAB. It's about more opportunity, more moments to make a difference and more focus on you.**

Your job is just one part of your life. When you bring your ideas, energy, and hunger for growth to us, you'll be recognised and rewarded for your contribution in return. You'll have our support to excel for our customers, deliver positive change for our communities and grow your career.

It's a good time to see what more you can find at NAB as the Head of Security, Governance & Risk. Bring your energy, drive and relentless focus on improving NAB's security risk posture to bear

**The role**:
The Head of Security, Governance & Risk will oversee and ensure NAB's ongoing adherence to all current security related obligations, measure and reduce residual risk, mature security standards and frameworks, report on all security metrics to executive committees and Board.

**Responsibilities**:
Improve NAB's security risk posture and reduce security risk:

- Continuously seek and implement practices that improve NAB's security risk posture through ongoing uplift in maturity of people, processes, tools and reporting;
- Facilitate security governance forums on behalf of CSO and Executive Governance & Engagement;
- Drive and enhance security risk awareness and culture.

Risk measurement and reduction using metrics that matter:

- Implement a data driven approach to security risk measurement and reduction
- Demonstrate reduction in residual security risk over time using automated reporting dashboards and via management, executive and board reporting
- Sponsor/lead (including business case development) initiatives that drive security risk reduction across NAB and its subsidiaries.

Security standards and frameworks:

- Maintain, implement, and mature security standards and frameworks, including accountabilities, roles and responsibilities across Group and subsidiaries, aligned to industry best practices, regulatory requirements, and NAB's risk appetite.
- Govern compliance of security obligations and requirements across the enterprise: Work in partnership with Security Compliance team and oversee NAB's compliance to all existing security related obligations, regulatory, contractual, and compliance requirements, global and national, in a way that is sustainable.

Executive reporting:

- Responsible for coordination of inputs, creation and sign off for all security related executive reporting.

Continuous improvement:

- You will keenly stay updated on emerging threats, trends/changes regulatory requirements and solutions, as well as in security risk management methods and tools (nationally and globally) and proactively bring these to live to reduce security risk at NAB while improving your team's and NAB's ways of working.
- Build, continuously grow and inspire a high performing global team of security professionals. Set strategic direction and prioritise security risk reduction efforts based on organizational goals and security risk priorities.

**What you'll bring:
- 10+ years' experience in security leadership or complimentary discipline
- Prior experience in the financial industry, preferably within a similar role, to understand the unique challenges and requirements of securing financial institutions.
- Track record in integrating complex processes and security solutions, delivering consistent results in a large complex business.
- Experience implementing similar functions in large, complex, regulated organisation.
- Strong business engagement and senior stakeholder relationship management experience working through complex issues and delivering positive outcomes for their Business and security. Proven experience influencing senior leaders across strategic and operational outcomes.
- Relevant certifications such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or Certified Information Security Auditor (CISA) are highly regarded.

**A diverse and inclusive workplace works better for everyone.**

We know that our people make us who we are. That's why we have built a culture of equity and respect - where everyone feels valued and appreciated for being their authentic selves. In partnership with our multiple Employee Resource Groups (ERGs) we continue to foster an inclusive environment, where all NAB colleagues' unique backgrounds and identities are understood, respected and celebrated.

**Join NAB