Information Security Consultant

at  WESTPAC BANKING CORPORATION

JOB DESCRIPTION

• Exciting opportunity to be part of Cyber Security Purple (Offensive/Defensive) team
• Opportunity for growth and development
• Sydney based

START HERE. JUST CLICK ON THE APPLY BUTTON.

At Westpac we are committed to providing a supportive culture and creating diverse, inclusive, and accessible workplaces, branches, products and services for our customers, employees, and community. This role is open to experienced candidates seeking a discussion around workplace flexibility. We invite candidates of all ages, genders, sexual orientation, cultural backgrounds, people with disability, neurodiverse individuals, and Indigenous Australians to apply. If you have questions about the recruitment process, please email talentacquisition@westpac.com.au.

KEY RESPONSIBILITIES

• Ensure that Westpac continues to be protected against current and emerging threats through the implementation of Purple Team engagements.
• Ensure that all Purple Teaming findings are captured centrally, are reviewed by blue teams, that remediation steps are identified, and that remediation is allocated to the appropriate service owner. Remediation may occur through BAU or projects, within ISG or in other parts of the Group.
• Coordinate and lead technical workshops to advise on the design of security controls improvement.
• Identify patterns of findings which may indicate control weaknesses, and similarly initiate remediation or control improvement
• Provide reporting on (a) aggregate Purple team findings, (b) remediation commitments, (c) progress against those commitments, and (d) subsequent improvement in the Group’s protection against sophisticated threats.
• Provide visibility of security controls effectiveness measures, based on the MITRE ATT&CK Framework and associated Purple Team engagements.
• Ensure virtual teams adhere to Purple Teaming policies, processes, methodologies, standards, and guidelines
• Advise on the development, implementation and maintenance of security policies, procedures, standards, governance frameworks and strategies, and assist with development of security tools and processes to ensure that Westpac operates within the established risk appetite.
• Implement Purple Team strategies and plans to continue to mature our Purple Teaming capabilities, with a strong linkage to the Westpac Red (offensive) Team, Blue (defensive) Teams and Cyber Threat Intelligence capabilities.

To be successful in this role, you need to have the following skills, education & personal attributes:

• Strong experience in information security, threat intelligence, risk management, or equivalent role
• A good understanding of security controls related to red team findings, blue team operations and cyber threat intelligence.
• Familiar with the use of cyber threat intelligence to inform control and investment decisions.
• Demonstrated strong experience in managing virtual teams to deliver Purple Team engagements and providing visibility of security control improvements to senior management.
• Project Management Certifications or equivalent
• Tertiary education in Cyber Securit