Chief Information Security Officer

Why Tyro? 

At Tyro, we’re into business big time. Through our integrated payments, banking and lending solutions, we’re here to ensure nothing stands in the way of Australian business success. With over 21 years' experience under our belt, we know what it takes to build something great, which is why we combine the best people, technology, and partners to deliver simplified payments and seamless business banking to our customers. We’re proud to power more than 73,000 merchants across Australia and to work with more than 700 partners to create seamless experiences for hospitality, retail, services and health providers. 

It starts with You. 

Just like our customers, we’re obsessed with the success of our people. So, when you come onboard, we’ll give you all the support you need to do your best work. Our close to 600 Tyros are a highly collaborative team, so you’ll get to work with smart, motivated and friendly people across Tyro. We are fast paced and innovative and strive to live our values everyday – commit to greatness, stay hungry, wow the customer, be good and win together!  We are big enough for you to have opportunities to have a career at Tyro and small enough that you can have a real impact. As we continue our mission to shake things up and make payments the easiest part of doing business, you’ll have the opportunity to learn new skills with hands-on experience, further your career, and help unleash the potential of our customers, one payment at a time. 

🎥 Step inside life at Tyro here.

About the role:

As the Chief Information Security Officer (CISO) at Tyro, you will be responsible for establishing, maintaining, and overseeing Tyro's information security program. You'll be reporting into our Chief Risk Officer (CRO) and lead the strategic development and implementation of security policies, procedures, and technologies to protect Tyro's assets, data, and reputation, ensuring compliance with relevant regulatory requirements, particularly within the finance industry and APRA guidelines.

This role requires a strategic and collaborative leader with a strong technical and risk management background, capable of maturing an existing security program and fostering a security-first culture across the organisation.

What you'll do:

Security Strategy and Leadership:

• Develop and execute a comprehensive information security strategy aligned with Tyro's business objectives and risk appetite.

• Provide leadership and direction to the security team, fostering a high performance and collaborative environment.

Policy and Procedure Development:

• Provide leadership and direction to the security team, fostering a high performance and collaborative environment.

• Ensure that security policies are effectively communicated, understood, and adhered to across Tyro.

Risk Management and Assessment:

• Lead the identification, assessment, and treatment of information security risks.

• Oversee the development and execution of incident response plans and business continuity plans.

Compliance and Regulatory Requirements:

• Ensure Tyro's compliance with relevant finance industry regulations, including those mandated by the Australian Prudential Regulation Authority (APRA).

• Manage security audits and assessments, both internal and external.

Security Architecture and Technology:

• Provide guidance on the design and implementation of secure IT architectures and infrastructure.

• Oversee the deployment and management of security systems, such as firewalls, intrusion detection/prevention systems, anti-malware solutions, and data loss prevention tools.

Security Awareness and Training:

• Develop and implement security awareness training programs to educate employees on their roles and responsibilities in maintaining a secure environment.

• Promote a security-conscious culture throughout Tyro.

Incident Response and Management:

• Lead the investigation and response to security incidents, ensuring timely and effective resolution, including post incident reviews and the implementation of lessons learned.

• Develop and maintain incident response plans and procedures.

Vendor Security Management:

• Develop and implement processes for assessing and managing the security risks associated with third-party vendors.

• Ensure that vendor contracts include appropriate security requirements.

What you'll bring:

• Previous experience in leading, growing and developing security teams.

• Proven leadership experience within the information security space ideally within the financial services industry.

• Demonstrable experience in developing and implementing security strategies, policies, and procedures.

• Strong understanding of risk management frameworks and methodologies.

• Proven experience in managing security compliance requirements, particularly within the Australian financial regulatory landscape, including familiarity with APRA guidelines (e.g., CPS 234, PCI/DSS).

• A strong understanding of security technologies and best practices.

• A commercially focused mindset.

• Bachelor's degree in Computer Science, Information Security, or a related field.

• Relevant industry certifications; CISSP, CISM, etc would be beneficial.

What’s in it for you? 

We’ve worked hard to create an environment that’s big on diversity, inclusion, and flexibility, and one that suits the changing needs of team members across Australia. Here are just some of the things Tyros tell us they love about working here.

You’ll also receive: 

• A mix of in-office and remote working 

• Learning and career development opportunities 

• 16 weeks paid primary carers leave 

• 12 weeks paid secondary carers leave 

• Annual team-based volunteer day 

• Birthday Leave  

• Power Up Day (Additional day of leave) 

• Weekly team social events, snacks, craft beer and wine, ping pong and video games 

• Taco Tuesdays 

• Mental health and wellness initiatives 

• Novated leasing 

Tyro is committed to a diverse, inclusive workplace where everyone thrives. We welcome applicants of all backgrounds and are an equal opportunity employer. If you need accommodations or adjustments at any stage of the recruitment process, simply inform our Talent team during your conversation with them.

Still with us?

If you’ve got this far, then you might just be a great fit for us. Don’t tick all the boxes above? That’s ok, apply anyway and our Talent team will review your profile - you might be a fit for future roles.

#LI-Hybrid