Information Security Regulatory Compliance Officer

**Role Intro: 12 Month Fixed Term Contract**

The Information Security Regulatory Compliance Officer is responsible for developing, implementing and strengthening internal practices and solutions to ensure Greater Bank’s suppliers meets APRA Standard CPS234 (Information Security). This key position will work collaboration with key stakeholders across the business to educate, interpret and build awareness of the requirements of CPS234, and lead the Bank to fulfil supplier information security obligations. You will work with first line risk to ensure that supplier controls are efficient and appropriate.

and appropriate.

**What are we looking for?**
- IT Technical knowledge with current knowledge of information security.
- Experience dealing with suppliers, preferably in an information security or compliance role.
- Regulatory awareness and extended experience in highly regulated environments.
- Knowledge of federal and state law, regulatory compliance, frameworks and standards such as ISO, SOC, NIST, APRA, the Privacy Act, and PCI DSS
- Technical proficiency and experience in producing or reviewing security certifications, attestations and or independent reports and identifying any issues that warrant further investigation by our CyberOps team and / or should be escalated to management as a risk.
- Ability to communicate and negotiate with internal and external stakeholders.
- Ability to think strategically and act tactically.

**What would be your key responsibilities?**
- Develop and implement policy documents and practices across the technology division and Greater Bank more broadly, that satisfy the suppliers requirements of APRA standard CPS234.
- Collaborate with key stakeholders and work within policy and regulatory requirements to distil complex information and determine practical solutions to deliver outcomes.
- Updating and maintaining mapping between information assets and categories, and their relevant control tests.
- Maintain an understanding of the relevant APRA Standard and Guide, and relevant internal policy.
- Review, enhance and strengthen the operational, vendor and risk management frameworks and procedures in relation to supplier information security.
- Provide regular reporting on supplier information security obligations, the status and outcome of supplier information security assessments and general inputs to executive and board reporting.
- Facilitate supplier information security reviews and participate in audit activities (e.g. Tripartite, IT General Controls, adhoc).
- Support business owners and vendor management in identifying, resolving, and escalating supplier information security risks and issues.
- Support our technology risk and compliance manager in key controls testing against identified third parties.
- Engage with business owners, procurement, vendor management and suppliers as required to satisfy the requirements of the regulatory standard and the Bank internal policies, management statements and frameworks.
- Develop, then implement, processes, guidelines, and frameworks to review and report on the information security capabilities of Greater Bank’s suppliers supply chains, identifying risks and developing mitigating strategies.

**What can you expect from Greater Bank?**
- Award winning Financial Services Organisation
- Genuine focus on your career development with access to internal and external training
- More than just pay, our health and wellbeing program is centred around work-life balance and flexibility
- Opportunity to make a difference in our community
- Work in an environment where people are at the heart of everything we do

**About us**:
We’ve been helping the people of NSW and South East QLD with their banking needs for over 75 years. At Greater Bank, we are on a journey that is being driven by our people to ensure we remain positioned to support our customers for generations to come. Become part of the team that is helping to transform the way we do banking.

Our next chapter looks to build upon our strong foundations Our customers voted in favour of a merger with Newcastle Permanent creating a regional powerhouse based here in Newcastle and providing an unparalleled opportunity to grow and innovate. Don’t delay Join us and be part of our exciting journey.