mx51 is a payments-as-a-service solution for banks, non-bank acquirers, and other merchant service providers. We are building a payment platform that allows merchants to accept payments in-store, in-app and online, whilst consolidating all their data on a real-time business management dashboard.
We’re a bank grade scale-up which means we take security seriously and are able to get stuff done. We’re looking for a new Head of Cyber to join us and do exactly that - taking our cyber capabilities to the next level!
About the role
Reporting to the CTO, you'll be responsible for the security outcomes of our organisation and the products and services we provide to our customers.. You’ll own everything from cyber strategy and governance to operations and defence. You’ll also be the lead representative for security to the board, the executive leadership team, customers, auditors and engineering peers.
Some of the key responsibilities:
- Maintain awareness of threats and regulations that impact mx51
- Regularly assess mx51 versus best practice and industry frameworks to establish cyber priorities
- Engage with customers to understand their security needs
- Own the cyber strategy and roadmap
- Define the Information Security policy, standards and guidelines
- Define and implement guardrails to ensure product designs and solutions have the appropriate security controls
- Facilitate regular security assurance of mx51 products and infrastructure
- Manage protective technology solutions such as IdP, EDR, CNAPP
- Manage security event detection technology and response processes
- Regularly report upon cyber risk profile and the status of initiatives to stakeholders
- Manage a team of engineers, focused on product security and security operations
During your first 6 months you can expect to:
- Help design and secure a new MPoC (Mobile Payments on COTS) solution - one of the first for Australia
- Optimise our new CNAPP solution
- Continue to enhance our data loss prevention controls
- Mature our existing security event detection capability into Detection as Code
About you
Some of the things we’re looking for:
- Experience in multiple security disciplines such as event detection, incident response, application security or governance, risk and compliance
- Experience of engaging with stakeholders such as Product Owners or Customers to review requirements, develop proposals and coordinate security assessments
- Experience in designing and implementing security control strategies within AWS, including CNAPP technologies
- Ideally holds one or more security certifications such as CISSP, CISM, SANS, etc.
We know this sounds like a lot! If you have experience in most but not all of these domains, we’d still love to hear from you. If you’re a SecOps veteran that wants to grow into GRC, get in touch. Or alternatively, if you’re a seasoned GRC expert with enough technical depth and desire to step into SecOps, hit apply!
For us, culture is the most important. As an organisation we’re growing and maturing so we’re looking for a Head of Cyber that can grow and mature with us.
You will be joining an incredible team who are committed to our vision and company values. Our innovative culture gives you opportunities to make real contributions that will shape the future of the business. In addition to a fun and flexible work environment, we also offer:
- Work from overseas up to 4 weeks per year
- Flexible work practices and tools to help you set up your remote workstation
- Access to co-working facilities across 3 states
- Annual team offsite
- Social events run by our social committee
- Swap a public holiday and take an alternative day off
- Paid leave for volunteering
- Employee Share Option Plan (subject to invitation)
- Paid parental leave for primary and secondary carers
- Novated lease and salary sacrifice options
mx51 is an equal opportunity employer that is committed to creating a diverse and inclusive environment. All qualified applicants will receive consideration for this role without bias to race, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability or age.
Note: mx51 does not accept unsolicited resumes or applications from recruitment agencies.