Zscaler logo
Zscaler

We make it easy to secure your cloud transformation. Get fast, secure, and direct access to apps without appliances.

Principal AI Security Specialist

Security EngineerSecurity EngineerFull TimeRemoteLeadTeam 5,001-10,000Since 2008H1B SponsorCompany SiteLinkedIn

Location

India

Posted

21 hours ago

Salary

0

Seniority

Lead

English

Job Description

Principal AI Security Specialist

Zscaler

About Zscaler Zscaler accelerates digital transformation to ensure our customers can be more agile, efficient, resilient, and secure. As an AI-forward enterprise, we are constantly pushing the envelope, leveraging the world’s largest security data lake to power our cloud-native Zero Trust Exchange platform. This innovation protects our customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Here, impact in your role matters more than title and trust is built on results. We say, impact over activity. We seek innovators who actively use AI to amplify their impact and who thrive in an environment where we leverage intelligent systems to stay ahead of evolving threats. We believe in transparency and value constructive, honest debate—we’re focused on getting to the best ideas, faster. We build high-performing teams that can make an impact quickly and with high quality. To do this, we are building a culture of execution centered on customer obsession, collaboration, ownership, and accountability. We value high-impact, high-accountability with a sense of urgency where you’re enabled to do your best work and embrace your potential. If you’re driven by purpose, thrive on solving complex challenges, and want to be part of the team that’s helping to secure the AI age, we invite you to bring your talents to Zscaler and help shape the future of cybersecurity. Role We are looking for a Principal AI Security Specialist to join our team. This is a Hybrid role, reporting to Ron Burkett. As enterprises race to adopt generative AI, Zscaler is seeking an experienced Principal AI Security Specialist to bridge the gap between cutting-edge AI innovation and robust enterprise security. In this highly strategic, field-facing role, you will combine the elite consultative strengths of a Solutions Engineer with deep expertise in LLMs, RAG architectures, and data protection to serve as a trusted advisor to Fortune 500 executives. As our premier technical authority, you will help customers confidently unlock the power of AI without compromising their data or infrastructure. What you’ll do (Role Expectations) - Architect the AI Technical Strategy: Partner with enterprise account teams to own and execute the technical sales strategy, driving complex, high-value AI security opportunities from discovery to close - Deliver Compelling, High-Impact Demos & POVs: Configure and present tailored, outcome-driven demonstrations of Zscaler’s AI security platform that resonate with both deep-tech practitioners and C-level executives - Serve as a Subject Matter Expert: Act as the field authority on modern AI patterns (such as RAG, agents, and prompt workflows), advising clients on how to prevent sensitive data exposure and unsanctioned AI usage - Scale the Field Motion: Collaborate with Product and Engineering to inject real-world customer feedback into the product roadmap, while building reusable demo assets and enablement playbooks to upscale our global sales force - Enable Those Around You: Develop reusable demos, technical assets, competitive positioning, and enablement content to help scale Zscaler’s AI field motion while sharing best practices and training with enterprise account teams Who You Are (Success Profile) - You thrive in ambiguity, remaining comfortable building the path as you walk it and viewing dynamic environments as the raw material to create something meaningful. - You act like an owner, letting your passion for the mission fuel a strong bias for action while navigating seamlessly between high-level strategy and hands-on execution. - You are a high-trust collaborator who is ambitious for the team, embracing a challenge culture by giving and receiving candor with clarity and respect. - You are customer-obsessed, building deep empathy for both internal and external customers to anchor decisions in solving real-world problems. - You are driven by innovation, possessing a deep curiosity for how things work and an energy for solving complex technical challenges to accelerate secure transformation. What We’re Looking for (Minimum Qualifications) - Deep Fluency in AI/GenAI: Strong foundational knowledge of Large Language Models (LLMs), retrieval-augmented generation (RAG), MCP (Model Context Protocol) orchestration patterns, and the inherent security risks associated with them - 10+ Years of Solutions Engineering Mastery: A proven track record in a customer-facing technical role (Sales Engineering, Solutions Architecture, or Technical Advisory) navigating complex, enterprise-level sales cycles - Enterprise Security Foundations: Solid grasp of cybersecurity principles, including Zero Trust architecture, data loss prevention (DLP), cloud-native security platforms, and API integrations - Elite Executive Communication: Exceptional presentation and storytelling skills, with a demonstrated ability to seamlessly translate complex AI architectures into tangible business value and security outcomes - Collaborate and Co-elevate: Successfully work cross-functionally with Sales, Solutions Engineering, Product, Engineering, Marketing, and other go-to-market teams in a hyper-growth, rapidly evolving market What Will Make You Stand Out (Preferred Qualifications) - Hands-on AI Prototyping: Interacting with LLM APIs, scripting, creating agentic automation routines, and building lightweight AI applications - Advanced AI Risk Expertise: Direct experience helping enterprises deploy production AI technologies while navigating data leakage, model governance, compliance frameworks, and shadow AI usage - Scale & Enablement Focus: A history of creating high-impact field assets, technical workshops, and competitive positioning content that helps broader go-to-market teams win #LI-Hybrid #LI-SP4 At Zscaler, we are committed to building a team that reflects the communities we serve and the customers we work with. We foster an inclusive environment that values all backgrounds and perspectives, emphasizing collaboration and belonging. Join us in our mission to make doing business seamless and secure. Our Benefits program is one of the most important ways we support our employees. Zscaler proudly offers comprehensive and inclusive benefits to meet the diverse needs of our employees and their families throughout their life stages, including: - Various health plans - Time off plans for vacation and sick time - Parental leave options - Retirement options - Education reimbursement - In-office perks, and more! Learn more about Zscaler's hybrid working model and benefits here. By applying for this role, you adhere to applicable laws, regulations, and Zscaler policies, including those related to security and privacy standards and guidelines. Zscaler is committed to providing equal employment opportunities to all individuals. We strive to create a workplace where employees are treated with respect and have the chance to succeed. All qualified applicants will be considered for employment without regard to race, color, religion, sex (including pregnancy or related medical conditions), age, national origin, sexual orientation, gender identity or expression, genetic information, disability status, protected veteran status, or any other characteristic protected by federal, state, or local laws. See more information by clicking on the Know Your Rights: Workplace Discrimination is Illegal link. Pay Transparency Zscaler complies with all applicable federal, state, and local pay transparency rules. Zscaler is committed to providing reasonable support (called accommodations or adjustments) in our recruiting processes for candidates who are differently abled, have long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support.

Related Categories

Related Job Pages

More Security Engineer Jobs

ServiceNow logo

Senior Staff Product Security Engineer | Product Security Incident Response Team (PSIRT)

ServiceNow

ServiceNow provides cloud-based services that automate enterprise information technology operations. As an employer, ServiceNow offers a challenging, collaborat

Security Engineer22 hours ago
Full TimeRemoteTeam 29,000Since 2004

Company Description It all started when engineer Fred Luddy wrote code that automated a tedious task for his coworker, Phyllis. She cried tears of joy. That moment inspired Fred to build a company that could do that for everyone-freeing people from busywork so they could focus on meaningful work. Today, ServiceNow is the AI control tower for business reinvention. Our ServiceNow AI platform brings together any AI, any data, and any workflow- helping 85% of the Fortune 500® work smarter, faster, and better. We're building an AI-native culture where technology and talent are unstoppable together. And we're just getting started. Join us to put AI to work for people. Job Description The ServiceNow Security Organization (SSO) The ServiceNow Security Organization (SSO) delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact About the role ServiceNow seeks a senior staff-level product security engineer to serve as a senior technical authority within the Product Security Incident Response Team (PSIRT). PSIRT is ServiceNow's awareness, response, and investigation capability for post-release vulnerabilities in ServiceNow-developed products and service offerings. This role is for a recognized expert who can operate independently and as part of a team on the most significant security issues facing the platform-vulnerabilities that require evaluating intangibles. You will lead deep-dive investigations, coordinate resolution across engineering, product, and release teams, and demonstrate calm, decisive leadership during significant security events. This is a role for someone who already understands product development cycles and the engineering and product relationships that drive them-and will use that fluency to lead fixes to completion under incident pressure. You will help shape how ServiceNow responds to product security vulnerabilities at scale and the technical rigor of the entire response capability. Key Responsibilities Lead Through Significant Security Events - Provide additional response coverage outside of normal working hours for significant product vulnerabilities as they emerge. - Demonstrate technical and organizational leadership during these events-bringing structure and clear decision-making under pressure. - Partner with incident commanders, business information security leadership, engineering, and customer-facing teams to maintain clear ownership, workstream prioritization, and hand-offs during these events. Reduce Exposure Window - Drive coordinated response across affected releases, balancing risk and remediation feasibility. - Leverage an understanding of product development cycles and engineering/product partnerships to move fixes through the release pipeline without stalling on organizational boundaries. - Verify fix completeness and guard against incomplete mitigations before release. Drive the CVE & Coordinated Disclosure Process - Lead ServiceNow's CVE disclosure process-owning CVE assignment, scoring, advisory content, and publication timing. - Collaborate with external security partners, vendors, and researchers on coordinated disclosures, aligning timelines and messaging across parties. - Conduct technical accuracy reviews of external advisories, researcher write-ups, and joint disclosure content to ensure correctness before publication. - Represent PSIRT's technical position in multi-party coordinated disclosures and researcher engagements. Pursue After-Action Outcomes & Continuous Improvement - Author postmortems and drive lessons learned to closure following product security incidents. - Participate in retrospectives following significant product security events, translating findings into concrete process and technical improvements. - Contribute to partner teams tracking product security risk themes and trends across the portfolio. - Contribute to SDLC improvement areas, feeding incident learnings upstream into secure development practices. Qualifications Qualifications - Minimum 12 years of related experience with a Bachelor's degree; or 8 years with a Master's degree; or a PhD with 5 years of experience; or equivalent experience. - Minimum 5 years of auditing source code for security vulnerabilities. - Demonstrated leadership during significant security events or major incidents, with willingness to participate in on-call. - Ability to read and comprehend Java and JavaScript code. - Strong understanding of common Java and JavaScript vulnerabilities. - Proficiency in scripting in both Python and JavaScript for data gathering, processing, and visualization. - Development of proof-of-concept exploits for web application vulnerabilities. - Written and verbal communication of complex security risk clearly to both technical teams and leadership. - Experience with leading fix implementation and release coordination across engineering, product, and test/release teams. - Proficiency in deep-dive product security investigations and root-cause analysis spanning design, code, configuration, and operational layers. - Exploit analysis and proof-of-concept development that distinguishes real exploitability from theoretical risk. - Familiarity with SDLC integration, CI/CD pipelines, SaaS threat models, and secure development practices. - Experience leading a CVE disclosure process, including CVE assignment, scoring (CVSS), and advisory publication. Preferred Qualifications - Experience in a PSIRT or similar function for a major software or SaaS platform. - Recognized expertise in product security incident response, vulnerability research, or application security within a software or SaaS environment. - Experience conducting vulnerability assessments on the ServiceNow platform. - Experience with emerging threats: AI-specific attack vectors, software supply chain security, and SDLC tooling security. - Experience with cloud infrastructure (AWS, Azure, GCP) and containerized environments. - Relevant security certifications (e.g., OSWE) or demonstrated equivalent expertise. #SecurityJobs For positions in this location, we offer a base pay of $201,300 - $352,300, plus equity (when applicable), variable/incentive compensation and benefits. Sales positions generally offer a competitive On Target Earnings (OTE) incentive compensation structure. Please note that the base pay shown is a guideline, and individual total compensation will vary based on factors such as qualifications, skill level, competencies, and work location. We also offer health plans, including flexible spending accounts, a 401(k) Plan with company match, ESPP, matching donations, a flexible time away plan and family leave programs. Compensation is based on the geographic location in which the role is located and is subject to change based on work location. Additional Information Work Personas We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here . To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service. Equal Opportunity Employer ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, disability, gender identity, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. Accommodations We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact globaltalentss@servicenow.com for assistance. Export Control Regulations For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. From Fortune. ©2026 Fortune Media IP Limited. All rights reserved. Used under license.

Washington
$201.3K - $352.3K / year
ServiceNow logo

Sr Enterprise Account Exec, Cybersecurity (Fed - COCOM/SOF)

ServiceNow

ServiceNow provides cloud-based services that automate enterprise information technology operations. As an employer, ServiceNow offers a challenging, collaborat

Security Engineer22 hours ago
Full TimeRemoteTeam 29,000Since 2004

Company Description It all started when engineer Fred Luddy wrote code that automated a tedious task for his coworker, Phyllis. She cried tears of joy. That moment inspired Fred to build a company that could do that for everyone-freeing people from busywork so they could focus on meaningful work. Today, ServiceNow is the AI control tower for business reinvention. Our ServiceNow AI platform brings together any AI, any data, and any workflow- helping 85% of the Fortune 500® work smarter, faster, and better. We're building an AI-native culture where technology and talent are unstoppable together. And we're just getting started. Join us to put AI to work for people. Armis from ServiceNow, protects the entire attack surface and manages an organization's cyber risk exposure in real time. Combined with ServiceNow's Security and Risk capabilities, as well as Identity Security capabilities from Veza, we bring together all critical capabilities to secure every asset, every identity - incl. AI Agents - across all environments with the right level of context - security, operational and business - to build the first of its kind autonomous defense platform for the Agentic Enterprise. Job Description You will produce new business sales revenue from a SaaS license model. You will accomplish this through account planning, territory planning, researching prospect customers, using business development strategies and completing field-based sales activities within a defined set of prospects, territory or vertical. What you get to do in this role: The ideal candidate is a seasoned closer who understands the mission-critical nature of asset visibility-from the tactical edge to the cloud-and has the established relationships to navigate classified procurement cycles. - Execute Mission-Driven Sales: Build and manage a robust pipeline of opportunities within the COCOM's/SOF moving from initial discovery to enterprise-wide adoption. - Master the Hybrid Landscape: Evangelize the Armis Centrix™ platform as the authoritative source of truth for assets across on-prem, air-gapped, and Cloud-native environments. - Partner with Systems Integrators: Collaborate with the "Big 5" Federal Systems Integrators (FSIs) and specialized mission partners to include Armis in multi-year Programs of Record. - Navigate Procurement: Expertly manage the complexities of the MIP/NIP funding cycles and classified contract vehicles. - Deliver Technical Value: Work closely with Cleared Sales Engineers to demonstrate Armis's unique agentless visibility into IT, OT, IoT, and Cloud-native assets. Qualifications Clearance: Active TS/SCI Required (Full Scope Poly Preferred) To be successful in this role you have: - Experience: 10+ years of documented success in enterprise software or cybersecurity sales, specifically focused on the COCOM's and SOF community. - Local Presence: Must be based in the Tampa metro area to facilitate frequent on-site engagement in classified environments. - Cloud Proficiency: Proven experience selling cloud security (CSPM, CWPP) or hybrid-cloud infrastructure solutions to federal agencies. - Clearance: Active TS/SCI is mandatory. Candidates with an active Full Scope Poly (FSP) will be given high priority. - Network: An existing, high-level network of GS-15/SES and C-suite contacts within the COCOM's/SOF community. - Strategic Mindset: Ability to translate complex technical capabilities into mission-success outcomes for agency stakeholders. Additional Information Work Personas We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here . To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service. Equal Opportunity Employer ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, disability, gender identity, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. Accommodations We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact globaltalentss@servicenow.com for assistance. Export Control Regulations For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. From Fortune. ©2026 Fortune Media IP Limited. All rights reserved. Used under license.

Florida

Senior-Security-Engineer

Peoplebank

Peoplebank provides comprehensive IT and digital recruitment services for both talent and clients, offering a range of contract staffing, permanent placements,

Security Engineer22 hours ago

Title: Senior-Security-Engineer | www.peoplebank.com.au Location: Canberra Australia Job Description: Work Type: Contract Industry: Cyber / Information Security Our client is currently seeking a highly skilled Senior Security Engineer to join their cybersecurity team. This is a contract role commencing ASAP for an initial period of 12 months, with 2X12 months extension options. The role offers a hybrid work arrangement, requiring attendance at the office for two days per week, with flexible work options across various locations including Queensland, Western Australia, Australian Capital Territory, Victoria, New South Wales, Northern Territory, South Australia, and Tasmania. As the selected candidate, you will: - Design, implement, and configure security controls across cloud and enterprise environments, including tools such as Microsoft Sentinel, Microsoft Defender suite, Entra ID, and endpoint security solutions. - Work closely with the architecture team to embed security best practices into solution design and deployment processes. - Integrate security measures into CI/CD pipelines, ensuring secure pipeline design, parameter handling, and vulnerability scanning. - Develop and manage security controls using Infrastructure as Code (IaC) tools such as Bicep, ARM templates, or Terraform, supported by scripting in PowerShell or Python for automation. - Configure, tune, and maintain security monitoring platforms, including threat detection, analytics rules, and automation playbooks in Microsoft Sentinel. - Conduct vulnerability assessments, manage third-party dependencies, and prioritise remediation activities based on risk and impact. - Support incident response efforts, including root cause analysis, threat hunting, and implementing remediation measures. - Ensure compliance with organisational cybersecurity policies through regular audits and checks. - Develop threat intelligence reports and contribute to proactive threat hunting to identify and mitigate emerging threats. To be successful in this role, you should have: - Extensive hands-on experience in cybersecurity operations, including security monitoring, incident response, and threat analysis in enterprise environments. - Proven experience integrating security controls into CI/CD pipelines, particularly using Azure DevOps. - Strong knowledge of cloud security, including configuring and managing Microsoft Azure services such as Microsoft Sentinel, Microsoft Defender, Entra ID, and Intune. - Expertise in Infrastructure as Code (IaC) to automate deployment of security controls, with proficiency in tools like Bicep, ARM templates, Terraform, and scripting languages such as PowerShell or Python. - Excellent problem-solving skills, with the ability to troubleshoot and resolve security issues swiftly, often under pressure. - Ability to translate business requirements into effective, secure technology solutions and evaluate alternative options when necessary. - Demonstrated capacity for critical thinking, analytical skills, and proactive security threat management. It is desirable if you have: - Prior experience working within government or highly regulated environments. - Relevant security certifications such as CISSP, CISM, or Azure Security Engineer Associate. Due to security clearance requirements for this role, candidates must be Australian who hold current Baseline/NV1 Security Clearances. Apply now for immediate consideration – contact Param Kaur on 02 6268 9781 quoting Job Reference: # 270734 Please note: Only candidates that meet the above criteria will be contacted. Thank you for your interest in the position. Please note that Aida, our after-hours AI conversational screening assistant, may be used as part of the initial application process. Peoplebank and Leaders IT are committed to creating a diverse and inclusive workplace where everyone belongs. We welcome applications from people of all backgrounds, identities, and experiences. If you need adjustments to the recruitment process due to your circumstances, please let us know—we’re here to support you.

Washington + 1 moreAll locations: Washington | Australia
News Corp logo

Business Information Security Officer

News Corp

News Corp is a global, diversified media and information services company focused on creating and distributing engaging and authoritative content, products, and

Security Engineer22 hours ago

Title: BISO (Business Information Security Officer) Location: Melbourne, Australia Job Description: - Be our first BISO and help shape this function across REA Group. - Directly support our Financial Services business to translate security strategy into practical action. - Work at the intersection of security, regulation and business in a complex financial services environment.Flexible leave options including, birthday leave and purchase additional leave We're REA With bold and ambitious goals, REA Group is changing the way the world experiences property. No matter where you're at on your property journey, we're here to help with every step - whether that's finding or financing your next home. Our people are the key to our success. At the heart of everything we do, is a thriving culture centred around high performance and care. We are purpose driven and collaborative, which drives innovation and our ability to make a real impact. As such, we’re proud to have been named one of Australia’s Best Workplaces four times since 2021 — including third place in 2025 — plus Best Workplace for Women in 2023 and Best Workplace in Technology in 2024 and 2025. These listings are testament to every person who helps make REA a great place to work. What the role is all about We're establishing a Business Information Security Officer (BISO) function to bridge our central Security team and our business units. The BISO for Financial Services (FS) will be the first role of its kind in our organisation—and you'll help shape what this function looks like across the company. This role sits at the intersection of security and business. You'll be the security expert embedded within our Financial Services team, responsible for translating central security strategy into meaningful action for the business, and for representing FS's unique needs back to the central team. You'll sit on the FS Product and Technology Leadership team, building relationships with product, engineering, and business leaders, while reporting into our central cybersecurity organisation. This is a role for someone who can speak both languages fluently—security and business. You'll need to understand the regulatory landscape, navigate a diverse technology stack, and influence without direct authority. What You'll Do Be the Security Voice in Financial Services - Serve as the trusted security leader to FS Technology and Business leadership - Participate on the FS Product and Technology Leadership team - Translate central security policies and initiatives into reasonable guidance for FS - Support the response to any security incidents that occur in FS - Advise on security implications of new products, features, and technology decisions - Champion security culture and awareness within the business unit Drive alignment between Security and FS - Articulate FS's unique security and compliance requirements to the central Security team - Advocate for FS priorities in the security roadmap planning and resource allocation - Ensure central security services (Product Security, Enterprise Security, Detection & Response, GRC) understand FS context when supporting the business unit - Provide input on enterprise security policies to ensure they're practical for regulated financial services Navigate Regulatory Complexity - Develop deep understanding of the regulatory obligations relevant to FS (credit licensing, responsible lending, data retention) - Partner with FS Compliance and Legal to ensure security controls meet regulatory expectations - Support regulatory engagement, audits, and examinations as the security subject matter expert - Stay current on evolving regulatory requirements and their security implications Drive Risk Management - Conduct security risk assessments specific to the FS business unit - Work with the risk team to ensure that cyber security risks are on the FS security risk register and ensure risks are appropriately identified, assessed, and communicated - Support risk acceptance decisions with clear articulation of residual risk Enable Secure Delivery - Engage early in product and technology initiatives to embed security by design - Review architectural decisions and technology choices for security implications - Coordinate with central Product Security on application security activities for FS systems - Support incident response within FS, acting as the liaison to central Detection & Response Build Relationships and Influence - Develop strong working relationships with FS engineering, product, and business leaders - Influence security outcomes through partnership rather than mandate - Communicate security concepts in business terms that resonate with non-technical stakeholders - Build trust as someone who enables the business, not blocks it Who we’re looking for Experience - 8+ years in information security, risk management, or related technical roles - Experience working in or supporting regulated financial services (lending, banking, payments, or similar) considered a positive, but not required - Demonstrated ability to work across organisational boundaries and influence without authority - Track record of translating technical security concepts for business audiences - Experience with security risk assessment and risk management frameworks Knowledge - Broad security knowledge incl. app & cloud security, identity, data protection, and GRC - Familiarity with security frameworks (e.g. NIST CSF, ISO 27001) and how to apply them pragmatically - Awareness of threats and attack techniques relevant to financial services - Understanding of Australian financial services regulatory environment (ASIC, APRA expectations, Privacy Act, credit licensing) considered useful but not required Skills - Exceptional communication skills for technical and non-technical audiences - Ability to build trust and credibility quickly with senior stakeholders - Comfort operating in ambiguity and navigating competing priorities - Strong analytical and problem-solving capabilities - Ability to work independently while maintaining alignment with central teams Mindset - Business-first: You understand that security exists to enable the business, not the other way around - Pragmatic: You find ways to manage risk that work in the real world, not just on paper - Relationship-oriented: You know that influence comes from trust and relationships - Curious: You ask questions, seek to understand context, and learn continuously Nice to Have - Experience in a BISO, divisional security, or embedded security role - Background in mortgage broking, consumer credit, or lending technology - Familiarity with Australian privacy law and its application to financial services The REA experience The physical, mental, emotional and financial health of our people is something we’ll never stop caring about. This is a place to learn and grow. Some of our Perks & Benefits include: - A hybrid and flexible approach to working - Flexible leave options including, birthday leave and purchase additional leave - Flexible parental leave offering for primary and secondary carers - Our Because We Care program offers employees volunteering leave, community grants, matched payroll giving and our Community Café donates 100% of revenue to charity - Hackdays so you can bring your big ideas to life Our commitment to Diversity, Equity, and Inclusion We are committed to providing a working environment that embraces and values diversity, equity and inclusion. We believe teams with diverse ideas and experiences are more creative, more effective and fuel disruptive thinking. If you've got the skills, dedication and enthusiasm to learn but don't necessarily meet every single point on the job description, please still get in touch. Join our Talent Neighbourhood Keen to be part of REA but didn't find a perfect match with this opportunity? Perhaps the timing isn't right? You should join our Talent Neighbourhood! Req ID R0015255

Australia