Rabobank is the world’s leading specialist in food & agribusiness banking. One of our key strengths lies in our people who have a deep understanding of agriculture & are committed to adding long-term value for clients. Our commitment to our employees & clients is at the heart of everything we do.
Rabobank’s Information Security function forms part of the Security & Control department within the COO Domain. The department is currently seeking a Head of Information Security to be based in Sydney. This role is responsible for overseeing & directing Australia & New Zealand’s information security strategy, ensuring the protection of sensitive data & systems from cyber threats. It is primarily focused on establishing & maintaining governance structures & processes to manage information security (including cybersecurity) risks within Rabobank effectively.
This role reports to the General Manager, Security & Control - ANZ.

Leadership, & Governance

• Act as the Security Officer for Rabobank Australia & New Zealand
• Develop & implement information security, governance, risk, & assurance strategies, frameworks, policies, procedures, & guidelines that protect the bank’s information & technology assets & mitigate risks
• Define & track key performance indicators (KPIs) & metrics to measure the effectiveness of the cybersecurity governance function
• Provide regular reports to senior management including board & key stakeholders
• Manage, coach, & mentor team members, ensuring capabilities as a team are enhance
• Establish strong relationships both locally & globally with technology teams, global CISO Office & all COO Domain regions
• Ensure compliance with industry standards & regulations (CPS 234, ISO 27001, NIST, RBNZ Cybersecurity regulations, SOCI Act & DORA)

Security Operations & Incident Response

• Lead the Security Operations team to investigate & mitigate security incidents; monitor & respond to cyber threats, security alerts, & vulnerabilities
• Develop & maintain threat intelligence programs
• Lead the response to security incidents & breaches, ensuring timely & effective resolution
• When required, manage Major Incidents that affect the bank’s IT systems & participate in the Crisis Management Plan

Third-Party Risk Management

• Work with third-party supplier relationship managers (SRMs), third-parties, & other key stakeholders to triage third-party cyber security incidents & determine the impact to Rabobank Australia, New Zealand’s information assets
• Work closely with procurement & legal teams to ensure third-party risk management practices are integrated into the vendor management process

Identify Access Management

• Develop strategies to innovate, continuously improve, & mature the Information Security Governance, Security Operations & IAM capabilities, as well as the compliance, risk, & security ambitions for the bank in the protection of its IT assets through delivering strategic programs of work