Senior Security Delivery Manager

Why work for Tyro

We're not just like every other bank. Tyro has always been a tech company at heart, but fostering a diverse and inclusive environment, and a passion for continuous learning has always been one of the most important parts of our company's culture.

Tyros are a highly collaborative mix of people. You will work closely with our awesome teams and individuals in engineering, product management, customer support, sales and other functions within the business. Our strong team of 600+ Tyros, just like our customers, are the lifeblood of our business. We go to great lengths to ensure a positive and enjoyable employee experience for all. Everyone is committed to delivering great outcomes for our customers, and you will have the chance to change the face of payments and commerce for Australian businesses.

About the role:

The Senior Security Delivery Manager is a strategic leader responsible for vendor and contract management, security product oversight, and threat and vulnerability management. They establish and maintain vendor relationships, ensuring performance aligns with business objectives while managing contracts to meet compliance and regulatory standards. Overseeing the security product lifecycle, they collaborate with architects and engineers to align solutions with business needs and drive innovation. Additionally, they report on threat and vulnerabilities and liaise with business stakeholders on patching prioritisation. With expertise in security frameworks, regulatory compliance, and strong stakeholder management, this role ensures security investments deliver value and maintain a resilient security posture.

This role involves a combination of technical hands-on work and strategic oversight, with a typical workweek expected to be allocated as follows: Execution 70% | Managing Change 20% | Influencer 10%

What you'll do:

• Establish and maintain relationships with security vendors and service providers, ensuring performance aligns with SLAs and business objectives.

• Negotiate contracts, renewals, and service agreements while collaborating with procurement and legal teams to mitigate risks.

• Have visibility of third-party security assessments, due diligence processes, and contract compliance.

• Manage the lifecycle of security products, defining roadmaps and ensuring alignment with business and security strategies.

• Work closely with security architects and engineers to enhance product capabilities and integrate them with existing infrastructure.

• Identification threats and vulnerabilities, ensure timely patching and mitigation.

• Collaborate with security operations and incident response teams to improve detection, response, and risk management strategies.

• Ensure compliance with security frameworks (e.g., NIST, ISO 27001) and industry best practices while managing regulatory risks.

• Develop security metrics, automation strategies, and reporting mechanisms to track performance and risk exposure effectively.

• Advocate for security initiatives, align security strategies with business objectives, and influence decision-making at an organisational level.

• Conduct regular security reviews, audits, and continuous improvement efforts to enhance the organization’s security posture.to support security control operating effectiveness.

What you'll bring:

• Extensive experience in cybersecurity delivery across vendor management, contract management, product management, and threat & vulnerability management.

• Strong vendor and contract management skills, including negotiation and SLA management.

• Deep understanding of security frameworks and standards such as NIST, ISO 27001, CIS, and regulatory requirements like GDPR, PCI-DSS, and SOC 2.

• Proven experience in security product lifecycle management, including evaluation, deployment, and continuous improvement of security technologies.

• Experience in threat intelligence and vulnerability management.

• Strong risk management and governance capabilities, with the ability to translate security risks into business impact and risk-based decision-making.

• Technical knowledge of cybersecurity domains, including cloud security, network security, identity & access management (IAM), and endpoint security.

• Ability to lead security initiatives and programs, ensuring timely delivery of projects and BAU security operations.

• Strategic thinking and problem-solving skills, with the ability to balance security and business priorities.

• Excellent stakeholder management and communication skills, with the ability to influence senior leadership and collaborate with cross-functional teams.

• Knowledge of emerging security threats, technologies, and industry trends, ensuring proactive security posture improvements.

• Ability to drive process improvements and automation to enhance security operations and reduce operational overhead.

• Experience managing budgets and financial aspects of security programs, including cost optimization and return on investment (ROI) assessments.

• Strong leadership and team management skills, with the ability to mentor and develop security professionals.

Perks and Benefits

We’ve worked hard to create an environment that’s big on diversity, inclusion, and flexibility, and one that suits the changing needs of our people across Australia. Here are just some of the things Tyros tell us they love about working here:   

• A hybrid working policy that truly enables you to live your best life 

• Learning and career development opportunities 

• 16 weeks paid primary carers leave 

• 12 weeks paid secondary carers leave 

• Annual team-based volunteer day 

• We're a social bunch, we love a weekly team social event, snacks, a selection of craft beer, wine and non-alcoholic beverages, ping pong and video games 

• Taco Tuesdays 

• Mental health and wellness initiatives 

• Personal finance initiatives 

#LI-Hybrid