
Governance, Risk and Compliance Analyst

Bank Australia Limited

Do you want to be part of using the business of banking as a force for good? Do you want to create positive impact for people and the planet? Bank Australia is the bank for people who want to be part of a movement creating a fairer and more just world.

We’re growing fast as more people choose to align their banking with their values. We’re a customer owned, B Corp certified bank. We empower our staff and 180,000+ customers to be part of the clean money movement.

We currently have a permanent, full time opportunity for a Governance, Risk and Compliance (GRC) Analyst to join our Information Security Team. The GRC Analyst will support Bank Australia’s cyber security assurance and risk management processes across the organisation. As a key member of the team, the GRC Analyst will have the opportunity to contribute towards the establishment and maintenance of a well-structured and mature security environment.

Why join us

  • We have big plans to become Australia’s most trusted bank and a leading purpose-driven business.
  • As a certified B Corp, we’re part of a global business community who meet the highest social and environmental standards, putting purpose over profit.
  • Every role and person in our bank is essential to bringing our values, purpose and aspiration to life.
  • We offer flexible working options and competitive salary and benefits, including 12% super, paid parental, volunteer, family violence leave and opportunity for bonus annual leave.
  • We support our staff to grow their careers through learning and development and an organisational culture where we reward and recognise innovation and values, not long hours.
  • We are committed to building an inclusive culture and a diverse workforce that reflects the Australian community.
  • We are the first bank in the world to own its own Conservation Reserve – which we use to protect threatened species and involve staff in conservation.

What you will be doing

  • Support maintenance of the bank’s Information Security Framework and ensure it meets and aligns with legal and regulatory requirements
  • Develop, maintain and review security governance documentation including policies, procedures and guidelines for cyber security
  • Provide guidance to ensure compliance with information security policies and standards
  • Liaise with information system owners to support them in maintaining risk and compliance protocols and progress risk treatment plans
  • Contribute to technology strategies and product selections
  • Ensure security controls are implemented in alignment with Bank Australia’s information security policies and standards
  • Provide input into regular governance, risk and compliance information security reporting
  • Identify and appropriately manage security risks and drive opportunities to improve security within the Bank Australia environment
  • Build strong relationships with internal and external stakeholders to maintain and improve service to business users and enhance knowledge and information sharing.

What you will bring

  • Demonstrated experience in a combination of information security risk management, compliance, governance and IT Audit
  • Demonstrated experience performing information security audits and control assurance activities across security controls
  • Demonstrated experience performing third party security assessment and an understanding of vendor security risk management and assessment practices
  • Exposure to and understanding of cyber security standards: NIST Cyber Security Framework, ISO27001, PCI DSS
  • Strong knowledge of Cyber Security Infrastructure technologies, best practices and broad knowledge of network security concepts
  • An understanding of security technologies that are commonly used to detect, contain or prevent security incidents such as IDS/IPS, Endpoint Security, Firewalls, Content Inspection and SIEM
  • Experience in the development, operationalisation and maintenance of security policies, procedures and standards
  • Understanding of APRA Prudential Standards relating to cyber security
  • An understanding of, and experience with, third party risk management
  • Sound knowledge of contemporary information security management trends, tools, practices and concepts
  • Strong communication skills (verbal, written and interpersonal), with the ability to share knowledge and educate others
  • Banking experience and/or knowledge preferred
  • One or more related certifications such as CISSP, CEH, CISA, CISM etc.
  • Degree in Computer Science or related field
  • Commitment to Bank Australia’s purpose, aspiration, values and brand as well as the B Corp ethos.

By submitting an application you agree to Bank Australia’s Privacy Policy for applicants and confirm that you are legally able to work in Australia. Bank Australia is an equal opportunity employer committed to sustainable development. We encourage people from different backgrounds to apply, including Aboriginal and Torres Strait Islander people, people from different cultural backgrounds and people with disabilities because we want to reflect the diversity of our communities. We are committed to making reasonable adjustments to provide a positive, barrier-free recruitment process and supportive workplace.

Bank Australia reserves the right to withdraw this advertisement at any time. Candidates will be progressed as applications are received, rather than after the advertisement closure date. If you wish to be considered, please submit your application as soon as possible. Please note, the successful candidate will be subject to satisfactory background checks including but not limited to police and previous employment.

How to apply

This job ad has now expired, and applications are no longer being accepted.
