Manager, Cyber-security Governance, Risk And Compliance

Engineering · United States

Job description

  • Cyber security professional with deep expertise developing and implementing effective GRC programs in the financial services industry.
  • Deep understanding of relevant laws, regulations, and industry standards (e.g., GDPR, PCI, SOC2, ISO 27001, NIST). 
  • Strong skills in aligning cyber security initiatives with business objectives and ensuring adherence to governance frameworks.

Start your adventure with Zip 

Join Zip’s Technology, Engineering and Cyber-Security function and put your name to solving fascinating challenges at scale in an agile, test-driven development environment. If you value good domain-driven design and enjoy delivering quality work at pace, you’ll be a great fit with the squads responsible for building cloud-native software applications that serve millions of customers and process billions of dollars in payments. 

Interesting problems you’ll get to solve

  • Developing Robust Risk Assessment Frameworks: Create and implement advanced risk assessment models to identify and mitigate emerging cyber threats specific to the financial services industry.
  • Ensuring Compliance with Evolving Regulations: Navigate complex regulatory environments by ensuring continuous compliance with evolving laws and standards such as GDPR, PCI DSS, and SOX.
  • Enhancing Incident Response and Management: Design and optimize incident response plans to effectively handle data breaches and cyber attacks, minimizing downtime and financial loss.
  • Implementing Cutting-Edge Security Technologies: Integrate and manage state-of-the-art security technologies and tools to protect sensitive financial data and customer information.
  • Conducting Comprehensive Security Audits: Lead thorough internal and external security audits to uncover vulnerabilities, ensuring the company’s infrastructure meets the highest security standards.
  • Fostering a Security-Aware Culture: Develop and deliver training programs to promote a culture of security awareness among employees, reducing the risk of human error and insider threats.
  • Optimizing Data Privacy Practices: Implement and refine data privacy practices to safeguard customer information, ensuring the company’s data handling processes are transparent and secure.
  • Managing Third-Party Risks: Assess and manage risks associated with third-party vendors and partners, ensuring they adhere to the company’s security and compliance standards.

What you’ll bring to the team 

  • Bachelor’s Degree in Computer Science, Information Technology, Cyber Security, or a related field is required. A Master’s Degree in Cyber Security, Risk Management, or Business Administration is preferred.
  • 10+ years of experience in governance, risk, and compliance (GRC) within the cyber security domain is essential.
  • Experience working for a U.S. financial regulator, Treasury Department, Federal Reserve Bank or a Public Auditor.
  • Proven track record of developing and implementing GRC frameworks in a financial services environment.
  • Demonstrated experience in conducting risk assessments and managing compliance audits.
  • Certified Information Systems Auditor (CISA) certification is required. Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) is preferred.
  • Proficiency in risk assessment methodologies and tools.
  • In-depth knowledge of regulatory requirements and standards (e.g., GDPR, PCI DSS, SOX, ISO 27001, SOC2, NIST).
  • Experience with security technologies and solutions (e.g., SIEM, DLP, IAM).
  • Strong interpersonal skills with the ability to build relationships and collaborate effectively across departments, including IT, legal, finance, and operations.
  • Excellent communication skills with the ability to convey complex security concepts to non-technical stakeholders clearly and concisely.
  • Proven ability to lead cross-functional teams and manage multiple projects simultaneously.
  • Experience in developing and delivering training programs to enhance security awareness and promote a culture of compliance.
  • Analytical and problem-solving skills to identify and address GRC challenges proactively.
  • Attention to detail and a high degree of accuracy in work.
  • Project management skills to plan, execute, and monitor GRC initiatives.
  • Ability to stay current with emerging threats and industry trends to continuously improve the organization’s GRC posture.
  • Experience in managing resources within GRC functions to optimize performance and ensure effective risk and compliance management.

What you’ll get in return

As we write this next exciting chapter in our story, we will continue to move at pace and embrace change. For you, this might mean opportunities to learn new skills with hands-on experience, broader responsibilities, or the buzz of seeing your work impact customers faster.  

Zip is a place where you’ll get out exactly what you put in. When you join the team, we'll do our best to make sure you can be yourself and surround yourself with smart, friendly colleagues and leaders who have your back, so that you can make the big things happen.

Zipsters tell us these are just some of the best things about working here. You’ll also receive:

  • Flexible working culture
  • Incentive programs
  • 20 days PTO every year
  • Generous paid parental leave
  • Leading family support policies
  • 100% employer covered insurance
  • Beautiful Union Square office with a casual dress code
  • Learning and wellness subscription stipend
  • Company-sponsored 401k match

The Pay Range for this position: $161,400 - $193,680 USD based on the industry benchmark for position, function, level and Zip's compensation strategies. However, actual base salary will depend on varying circumstances and individualized factors, such as job-related knowledge, skills, experience, and other objective business considerations.

Subject to those same considerations, the total compensation package for this position may also include other elements, including a bonus and/or equity awards, in addition to a full range of medical, financial, and/or other benefits. 

Be a part of a team that reflects the diversity of our customers

We pride ourselves on being a workplace that provides equal opportunities to people of all ages, cultural backgrounds, sexual orientations, gender identities, abilities, veteran status, and everything else that makes you unique.

Equally, we’re committed to ensuring our recruitment processes are accessible and inclusive. Please let us know if there are any adjustments that need to be made to ensure you have a fair and equitable experience.

And finally…get to know us

Zip Co Limited (ASX: ZIP) is a digital financial services company, offering innovative, people-centred products that bring customers and merchants together.

Operating in two core markets - Australia and New Zealand (ANZ) and the US, Zip offers point-of-sale credit and digital payment services, connecting millions of customers with its global network of tens of thousands of merchants.

We’re proud to be a values-led business and our values - Customer First, Own it, Stronger Together and Change the Game - guide us in everything we do.

I acknowledge by clicking "Submit Application", that the information provided is true and correct. I also understand that any willful dishonesty may render for refusal of this application or immediate termination of employment. By providing your information, you acknowledge that you have read our Zip Applicant and Candidate Privacy Notice and authorize Zip to process your data subject to those terms.

Before you apply, give Zip a try -> rebrand.ly/check-zip-out

We are a proud 2024 Circle Back initiative employer and will respond to every applicant.
