Security Specialist - Controls and Compliance at carsales

Melbourne, Victoria, Australia -

Full Time

Start Date

Immediate

Expiry Date

29 Jun, 26

Salary

0.0

Posted On

31 Mar, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Cybersecurity, Information Security, Policy Development, Security Architecture, Compliance, Microsoft Entra, Purview, Crowdstrike, Zscaler, AWS, NIST Maturity Assessment, ISO 27001 Certification, SOC 2 Attestation, Attention to Detail, Prioritization, Proactive Work Ethic

Industry

technology;Information and Internet

Description

Company Description Are you ready to be a big part of something big? CAR Group has been driving innovation and growth since the 1990s. Collectively, our world leading marketplaces bring together deep expertise powered by a talented team, data, and technology across Oceania, Asia and The Americas. We deliver world leading technology and advertising solutions designed to make buying and selling a great experience and are the parent company of wholly owned digital marketplaces in Australia (carsales), South Korea (Encar), the United States (Trader Interactive) and Chile (chileautos), in addition to being a majority shareholder of webmotors in Brazil. With a vision to be the global leader in online vehicle marketplaces, we’re transforming how people buy and sell across the world. We discover new ideas and bring them to life. We continue to grow, and we continue to evolve and we’re committed to taking innovative steps to get there. We’re looking for a Security Specialist - Controls and Compliance to help deliver a program that strengthens our global cybersecurity posture. Working closely with technology and business teams, this role embeds clear security standards, supports shared security initiatives and uplifts technical controls. We embrace hybrid working combining the flexibility of remote work with the energy and connection of in person collaboration. We champion flexibility and offer a range of policies and leave options to support your wellbeing. What’s on offer Recognition as one of Australia’s Best Workplaces™ by Great Place to Work®, a Family Friendly Workplace, a WORK180 endorsed employer. A highly engaged, collaborative team where you’ll learn from exceptional talent. 24 weeks paid parental leave for primary caregivers, four weeks for secondary caregivers, and six weeks paid gender-affirming care leave. Regular hackathons, continuous learning opportunities, and wellbeing initiatives that support your mental, emotional, and physical health. Job Description What you’ll do This is your opportunity to be a big part of something big by helping drive an ambitious program of work to continually strengthen our global cybersecurity posture. Your day-to-day will be varied but some of what it will entail includes: Help refine our global cybersecurity policies, procedures and standards, and ensure our businesses have the information and tools they need to align to those policies. Help govern the rollout of a shared suite of security programs across the group. Develop, refine, release and measure technical controls (DLP, AUP etc.) across our security architecture to further encourage adherence to global policies. Assist in making our businesses audit-ready through monitoring maturity levels and evidence collection. Assist our businesses in response to security events and incidents. Qualifications What are we looking for? Demonstrated experience in cybersecurity and information security roles, including policy development, security architecture and compliance. Experienced and confident navigating and developing technical controls using tools such as Microsoft Entra and Purview, Crowdstrike and Zscaler, and in large cloud environments like AWS. Experience assisting an organisation through a NIST maturity assessment, ISO 27001 certification and/or SOC 2 attestation. Comfort working within a regularly changing and fast-paced global environment. You’ll have a high attention to detail and the ability and skill to prioritise, organising both yourself and those around you. A can-do proactive work ethic and results focused mindset – you’re comfortable to ask questions, eager to build relationships with our global businesses, and driven to get involved with any task required to get the job done. Additional Information A few other things we want you to know... As an equal opportunity employer, CAR Group welcomes applications from individuals of all backgrounds, identities, abilities, and life experiences. We are committed to fostering a diverse and inclusive workplace where everyone feels valued and supported. If you have a disability or require adjustments to participate fully in the recruitment process, please let us know we’re here to support you. We understand the importance of work-life balance and offer flexible working arrangements, including part-time options. If you’d like to explore this, just ask during the process. We’re also a proud Circle Back Initiative employer, which means we commit to responding to every applicant. Successful candidates joining the CAR Group team will need to complete a National Police Record check and must have full-time Australian working rights. So come and join us - because every role is a big role in our plans to go big. Employment Status: Full Time

Responsibilities

This role involves driving a program to continually strengthen the global cybersecurity posture by refining global cybersecurity policies, procedures, and standards. Responsibilities include governing the rollout of shared security programs and developing/measuring technical controls across the security architecture.