INFORMATION SECURITY OFFICER

ABOUT THE ROLE - INFORMATION SECURITY OFFICER

As an Information Security Officer with Zepto you will develop and maintain the information security posture of the entire technology ecosystem of Zepto payments. You will work closely with our head of departments, to provide guidance, coaching and other types of assistance with all things security, whilst continuing to raise the bar on our security expectations and capability.

As our Information Security Officer, you day to day will see you striving to provide better service to our delivery teams whilst ensuring better practices across the business. You will apply a consultative and advisory approach when working with the wider Zepto team, and empower them to work confidently and to utilise the self service facilities you establish. You will also support the delivery teams in incorporating information security concerns into their delivery practices. Your role will be critical in working alongside the heads of departments, to facilitate the execution of the information security roadmap and look to uplift our processes along the way.

Focus Areas

• Support our heads of departments to learn from and leverage the information security improvements made by their peers, by facilitating peer group collaboration and knowledge sharing
• Establish, maintain and communicate a prioritised backlog of initiatives to uplift information security across the business
• Support our team in making good decisions in the realm of information security without needing subject matter expertise; for example, by establishing principles for making information security decisions, and tracking and publishing those decisions
• Lead, achieve and maintain security certification initiatives such as ISO27001
• Ensure that heads of business units are aware of and equipped to discharge their and their teams’ responsibilities in the realm of information security for their systems
• Prepare for and coordinate the handling of any significant security incidents that may arise

A bit about you….

You are highly motivated, energetic, and willing to thrive in a high growth organisation and ideally, have experience working in a fast growing technical company. You have a strong familiarity with a variety of information security standards and frameworks (e.g e.g ISO27001, 27011, 27005, 27035, PCI/DSS, NIST Cybersecurity Framework, etc).

You have an impressive track record of achieving outcomes through leadership and influencing skills. You are known for your excellent interpersonal and facilitation skills, and have excellent written and verbal communication skills.

You are familiar with current and evolving privacy obligations (e.g. Consumer Data Right, Australian Privacy Principles, etc) and can easily communicate complex ideas to non technical and technical people. You have excellent planning skills and experience, naturally capable of seeing dependences and driving others to deliver, while maintaining great relationships.

Your colleagues are inspired by you, they want to learn from you. You work effectively as part of a team or independently. You are ambitious, driven and engaging. You inspire others to work with you and you are fundamentally a good human to have as a colleague.