IT Security Officer - Sydney

  • Posting Date: 19-08-2019
  • Vacancy number: 22680

We are a global financial services firm with activities in over 25 countries and 85 of the world’s securities exchanges.  We offer a broad range of products and services to professional market participants. We have offices around the world and have been operating in Sydney since 1998. Our other main offices are located in Hong Kong, Singapore, Sydney, Tokyo, London, Amsterdam and Chicago. ABN AMRO Clearing plays an important infrastructural role in the financial markets. As such it is closely monitored by Regulators and Central Banks. This is augmented by the fact that ABN AMRO Clearing holds significant market shares in financial markets across the globe holding top spots in clearing on numerous exchanges in every region.
ABN AMRO Clearing Information Technology has a global focus with many programs on both a regional and global level. The organisation is self-supporting, running its own projects, applications and hosting them from its own data centres across the globe. Architecture and portfolio management are global issues.  IT development, maintenance, support and IT operations are provided by three regional organisations: IT Europe, IT USA and IT APAC. 
Considering Information Technology as a main part of business services, the IT systems and processes have to meet ABN AMRO Clearing strategy demands and internal and external regulations. AAC IT APAC controls the information systems in/for Asia Pacific business in order to deliver efficient, agile and reliable IT services meeting the demands of ABN AMRO Clearing's clients. We are seeking an experienced IT Security Officer to join our  IT Team in the Sydney Officer.  Reporting to the CIO, CTO, and LISO this position is responsible for continuously improving the security of IT by using industry best practices such as security and control frameworks to: 

  • knowing what needs to be secured and assessing the effectiveness & efficiency of the current preventive security controls
  • the implementation of preventive controls, where the minimum control level is defined by corporate policies, procedures and baselines
  • the detection of security events as soon as possible after the events took place
  • responding quickly and adequately to security events
  • recovering from a security incident in a controlled and predictable way

 Quantitative information
Region of responsibility: APAC

  • countries: 4
  • hosted applications: large 15 -25 / normal 80 - 120
  • data centres: 2 - 8
  • transactions: Approximately 2 - 6 million / day


    Responsibilities   Strategic support Work with the LISO to develop a security program and security projects that address identified risks and business security requirements. Manage the process of gathering, analysing and assessing the current and future threat landscape, as well as providing the CISO with a realistic overview of risks and threats in the enterprise environment.
      Security Liaison 
    Assist resource owners and IT staff in understanding and responding to security audit failures reported by auditors. Provide security communication, awareness and training for audiences, which may range from senior leaders to field staff. Manage security issues and incidents, and participate in problem and change management forums. Architecture/Engineering support 
    Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software. Ensure the implementation of technical controls to support and enforce defined security policies. Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyse its impact on the existing environment; provide technical and managerial expertise for the administration of security tools. Work with the enterprise architecture team to ensure that there is a convergence of business, technical and security requirements; liaise with IT management to align existing technical installed base and skills with future architectural requirements.
      Operational Support 
    Manage and coordinate operational components of incident management, including detection (monitoring), response and reporting. Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
    Manage security projects and provide expert guidance on security matters for other IT projects. Conduct assessments to evidence the effectiveness of IT security controls that are implemented on/in processes, procedures, software and hardware. Report periodically on the state of IT security to the CIO, CTO and LISO (who reports into the GISO). Collect metrics for IT security components on various dashboards. Oversight of and reporting on the use of Highly Priviledge Accounts (HPAs). Initiates and monitors periodical user access reviews for the IT owned systems.  Knowledge and Experience  

    • Knowledge of information management at a bachelors / masters level or equivalent work experience
    • Information security management qualifications such as CISSP
    • Knowledge of industry wide IT standards (ITIL/COBIT)
    • Knowledge of IT Security baselines ISO/IEC 27000 or higher
    • Good understanding of standard hard and software solutions (linux, windows, vmware, x86 servers, firewalls, routers, switches etc.)
    • Knowledge of the systems and IT processes of the AAC Region.
    • Hands on experience with selecting, implementing and operating various security tools (SIEM, IAM, DLP, etc.)
    • >5 years of IT experience, >2 years of experience in an information security role


    ABN AMRO fosters a working environment for people who want to contribute to a culture of excellence. We make a difference with our expert employees, who are driven by a desire to continue developing. We have confidence in the professionalism and entrepreneurship of our employees.  We attract people who take their job and their talents very seriously, and in return we give employees the responsibility and the scope to excel in their role.  You will be working with a group of people who have the same drive and vision, but whose backgrounds and experience are as diverse as those of our clients. That is a way of ensuring that we exceed each other's expectations and continually grow. 


    We are looking for an exceptional candidate who has a professional approach, is a subject matter expert and has demonstrated IT Security experience.  In return, we will offer you an attractive remuneration package, great employee benefits and the opportunity to work in a progressive and innovative working environment. 


    If you think you are what we are looking for, please apply now and in your cover letter, please let us know how your experience fits the above criteria.



    Applicants will only be contacted if they are successful for an interview.





    Indication of Application Process

    Step 1: Application

    Fill out the information on the application form and upload your motivation letter and resume

    Step 2: First interview

    You will receive a confirmation of your application by e-mail. Within two weeks you will hear if you are invited for an interview

    Step 3: Online assessment

    You make an online cognitive test or an online assessment

    Step 4: Second interview

    You are invited for a second interview

    Step 5: Job offer

    You receive your job offer, once you have accepted it is time to start!

    Related vacancies