Security Analyst

About Us

Xinja is building the first, Australian, independent 100% digital bank designed entirely for mobile. We are building a bank with our customers and designed in their interests. Neobanking will disrupt the existing banking model and create a whole new generation of experiences.

Developing the first neobank in the country is an exciting and challenging task. Our ethos is based on a win-win with our customers; if they do well, so do we. We believe it’s time Australians had access to the kind of technology that just allows them to get a lot more out of their money, with less angst.

We extend that attitude to our people and our partners. We look after our staff, and trust them with significant responsibility, but support them well. This is a great opportunity to be part of building a great company, and a fabulous brand.

Our 10 golden rules

To be successful at Xinja you are going to need to be happy working with our 10 golden rules

  1. No dickheads… However good they may be. No dress code, but sometimes you need to look smart 🙂 . No power trips because of a hierarchy. Intellect, customer experience and implementation is all that matters. 
  2. Everything is in the cloud.  
  3. We use real time data to evaluate our business and we reward staff on a quarterly basis with an entirely discretionary profit share. No one gets a share of the profit if our investors aren’t making money and our customers aren’t happy. 
  4. We are here to make money, that’s why we exist, and we don’t screw people over to do it. We don’t lie to our clients in person or in marketing. We don’t engage in immoral lending; if our grandmother would think it was wrong, then it is. We aim to make lots of money ethically and we are proud of it. 
  5. No one is entitled to work at Xinja. It is a huge honour to represent people’s hopes of a new bank and we earn that honour every day. 
  6. We look after our people bloody well. We stand by them if they are in genuine need. 
  7. We are truthful and direct with each other. Everyone says what they think in a robust, challenging, edgy environment. That means we won’t be the right place for everyone to work, and that’s ok. 
  8. We only hire people better than us. We never, ever settle because we need a body. We do psychometric testing to get the best people, every time. 
  9. About half our team, executive and board will be female, if they aren’t we aren’t recruiting the best people. We actively seek all types of diversity combined with brilliance. 
  10. If you discriminate against someone because of who they love/sleep with, you’re a dickhead… Please see rule 1.

The Role

The Security Analyst will be responsible for assisting the CISO and Security Manager in building upon and improving Xinja’s Information Security Program. You will be the primary technical security resource in a small team responsible for the day-to-day operations of the security of all things Xinja.

You will provide technical recommendations and strategic input relating to the security architecture, operations and governance programs for Xinja. You will have a strong background in incident response with proven experience handling incidents for financially regulated institutions.

Ideally, you will have a relevant certification such as GCIH or GCFA. You will manage vendors including outsourced level 1 security monitoring functionality (SOC) as well as other managed service providers operating in the IT operational and security spaces. You will be ultimately accountable for the accuracy, responsiveness and professionalism of advice and services provided to Xinja by the security team

Responsibilities:

  • Support the CISO and Security Manager to build and improve Xinja’s Cyber Security maturity including organising, supporting and executing audit, third party penetration testing and due diligence of suppliers.
  • Liaise with the architect and development teams to ensure Cyber Security considerations are met during the delivery lifecycle and that controls are implemented appropriately.
  • Assist with security assessments for suppliers.
  • Conduct penetration testing on both internal and external corporate networks, analyse security vulnerabilities and recommend technical and strategic mitigations
  • Recognise potential, successful and unsuccessful intrusion attempts and compromises through analysing events and summary information data provided from various managed service providers, engaging the IR process and team as required
  • Work with vendors and suppliers to ensure security tools are up-to-date, relevant and deployed across the enterprise. Tools include HIPS, host-based firewalls, anti-virus, vulnerability management, cloud access security broker, DLP, MDM and more.
  • Participate in the development of the security awareness program and co-ordinate educational activities and programs with Xinja staff
  • Research trends in managing information security to assist with improving incident response programs, situational awareness strategies, and the overall information security program
  • Drive the development and enhancement of detection and response capabilities, including use-case development and detection rules, SOP documentation and implementation of incident response methodologies.
  • Perform threat hunting independent of system alerts.
  • Develop new correlation rules to alert on new use cases.
  • Develop modifications/configurations that should be applied to security enforcing tools to mitigate the threat from new attacks.

Requirements and Qualifications:

  • 5+ years of experience in a front-line information security role as an analyst or team lead.
  • An understanding of enterprise security architecture principles, standards and techniques, and practical experience in how to apply these in an enterprise
  • Knowledge of technological trends and developments in the area of cyber security and cyber risk management
  • Knowledge of information security and risk control frameworks
  • Excellent communication and engagement skills
  • High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
  • High degree of initiative, dependability and ability to work with little supervision while being resilient to change.

Changing banking for good:

At Xinja, we believe in embedding the brand in every customer experience, and therefore marketing is core to what we do. Developing the best neobank in the country is an exciting and challenging task. Our ethos is based on a win-win with our customers; if they do well, so do we. We believe it’s time Australians had access to the kind of technology that just allows them to get a lot more out of their money, with less angst. We are for profit and for purpose.
We extend that attitude to our people and our partners. We have an inclusive and diverse culture where we look after our staff and trust them with significant responsibility but support them well. This is a great opportunity to be part of building a great company, and a fabulous brand, AND learn heaps along the way.

If you’re up for this:

Please email your CV to ​[email protected]

And check out the hiring process we go thru here

Download the full job description here

[gravityform id="5" title="false" description="true" ajax="true"]
[gravityform id="7" title="false" description="true" ajax="true"]
[gravityform id="8" title="false" description="true" ajax="true"]