The Diplomat is your source for Asia-Pacific careers.

Security Engineer

Job Posted 3/6/2025
Latitude Financial Services
Melbourne, Melbourne 3001
Job Description

: Education support, Better giving programme with charity partners, Latitude matches dollar for dollar and Community partner days.

: Flexible work arrangements - balance work and personal responsibilities, Hybrid setup - work from home & the office, 3 Days paid volunteer leave annually, paid community service leave, paid compassionate/bereavement leave.

Yearly salary reviews & STI Bonus.

At Latitude Financial Services, we are seeking a dynamic, delivery-focused security engineer responsible for expanding, enhancing, and maintaining the Information Security and Technology Risk Management function supporting Latitude Pay Technology across Australia and New Zealand.

This first-line information security, technology risk, and cyber risk management role will be accountable for driving uplift in key controls protecting the business operations and security of customer information on the Latitude Pay Platform, and its related business processes, systems, and technology service providers.

Reporting to the Head of Support Services, InfoSec & Tech Risk for the Latitude Pay Division, you will play a crucial role in managing the cyber & technology risk posture of the business unit - assessing, identifying, and remediating control weaknesses to safeguard the Latitude Pay business.

A key part of this role is working closely with Latitude's Enterprise Security function to ensure business unit alignment with Group policies and controls.

In this role, you'll:

  • Platform Security: Develop and implement the security strategy for the Latitude Pay Platform. Collaborate with delivery teams to prioritise and implement strong platform security controls.
  • Identity & Access Management: Define and document the Latitude Pay Identity and Access Management strategy for User Access Management, Privileged Access Management, and Access Provisioning/Deprovisioning.
  • Security Uplift Delivery: Provide security leadership for the Latitude Pay technology roadmap and priorities. Lead platform and business unit level security initiatives and support rollout of any Enterprise Security programs.
  • Risk Management: Conduct periodic risk assessments of the Latitude Pay business unit's technology, cyber risk, and information security risks. Maintain the BU technology and information security risk register and drive associated remediation activities.
  • Technology Compliance: Manage compliance with Latitude policies, standards, technology regulatory requirements, and best practices. Conduct impact assessments for new and emerging technology compliance requirements.
  • Controls Assessment: Implement and manage business unit level technology controls self-assessment and monitoring framework encompassing general computer controls, and application computer controls. Drive automation of control effectiveness monitoring.
  • Vendor Security Management: Review and maintain a register of security assurance documentation of Latitude Pay technology service providers. Identify and develop treatment plans to address any key risks or control gaps identified with services provided.
  • Audit Management: Provide the primary point of contact for all technology-related audit activities on behalf of Latitude Pay Technology for Internal Audit, External Audit, and Regulatory engagements. Monitor and ensure closure of technology-related audit findings.
  • Security Incident Response: Escalate and respond to potential security incidents, leading platform-specific investigations, response, and remediation activities under the direction of the Security Operations Centre / Enterprise Security.

About you:

  • Secure adoption & integration of AWS, Azure, GCP using security-as-code & secure-by-design principles.
  • Experience in embedding & maturing security products/services within agile & DevOps environments.
  • Cloud security automation: designing, coding, and orchestrating security tools.
  • Threat modeling, security user stories, & red teaming (security testing, code review, abuse case testing).
  • Developing security design patterns & deployment guides aligned to enterprise security standards.
  • Promoting a security-first culture within development teams.
  • Collaboration & Stakeholder Engagement - Ability to work cross-functionally with developers, engineers, and security teams.
  • Problem-Solving & Critical Thinking - Quickly identifying and mitigating security risks.

Technical Proficiency:

  • Programming & Scripting: Any prior experience in any of the following languages Python, Node.js, Bash, Golang, Java.
  • Cloud & Infrastructure: AWS (IAM, Logging, SSM, KMS, ACM), serverless (Lambda, DynamoDB, Cognito), containers (Docker, ECS).
  • Security Controls & Authentication: OIDC, security tooling (Clair, Github Advanced Security).
  • DevOps & CI/CD: AWS-native tools (CloudFormation, CodeBuild, CodePipeline), Artifactory.

Sound like you? That's a good sign! In return for your energy and ideas, we offer a flexible working environment and great compensation. We always support a safe, healthy, engaging, and productive working environment for all employees and workers, whether that be in your home and office, or a combination of both.

We're Latitude, partners in money. Latitude may seem like the new kid on the block, but it's taken us almost a hundred years to become an overnight success. Digital payments, cards, and loans is what we offer - but what we really are is a platform that helps people shop and live better. Always living and breathing our values. Take Ownership, Pursue Excellence, Win Together and Create Tomorrow .

We're not engaging any recruitment agencies for this role, so if you're interested, please apply directly!

Successful applicants will be required to complete a background check (including criminal history and bankruptcy check) prior to commencement of employment. Only open to Australian or New Zealand Permanent Residents or Citizens.