Security Engineer @ Latitude Financial Services

Job Description

At Latitude Financial Services, we are seeking a Dynamic, delivery-focused security engineer responsible for expanding, enhancing, and maintaining the Information Security and Technology Risk Management function supporting Latitude Pay Technology across Australia and New Zealand. This first-line information security, technology risk and cyber risk management role will be accountable for driving uplift in key controls protecting the business operations and security of customer information on the Latitude Pay Platform, and its related business processes, systems, and technology service providers. Reporting to Head of Support Services, InfoSec & Tech Risk for the Latitude Pay Division, you will play a crucial role in managing the cyber & technology risk posture of the business unit – assessing, identifying, and remediating control weaknesses, to safeguard the Latitude Pay business. A key part of this role is working closely with Latitude’s Enterprise Security function to ensure business unit alignment with Group policies and controls. In this role, you’ll: Platform Security: Develop and implement the security strategy for the Latitude Pay Platform. Collaborate with delivery teams to prioritise and implement strong platform security controls. Identity & Access Management: Define and document the Latitude Pay Identity and Access Management strategy for User Access Management, Privileged Access Management, and Access Provisioning/Deprovisioning. Security Uplift Delivery: Provide security leadership for the Latitude Pay technology roadmap and priorities. Lead platform and business unit level security initiatives and support rollout of any Enterprise Security programs. Risk Management: Conduct periodic risk assessment of the Latitude Pay business unit’s technology, cyber risk, and information security risks. Maintain the BU technology and information security risk register and drive associated remediation activities. Technology Compliance: Manage compliance with Latitude policies, standards, technology regulatory requirements and best practice. Conduct impact assessments for new and emerging technology compliance requirements. Controls Assessment: Implement and manage business unit level technology controls self-assessment and monitoring framework encompassing general computer controls, and application computer controls. Drive automation of control effectiveness monitoring. Vendor Security Management: Review and maintain a register of security assurance documentation of Latitude Pay technology service providers. Identify and develop treatment plans to address any key risks or control gaps identified with services provided. Audit Management: Provide the primary point of contact for all technology related audit activities on behalf of Latitude Pay Technology for Internal Audit, External Audit, and Regulatory engagements. Monitor and ensure closure of technology related audit findings. Security Incident Response: Escalate and respond to potential security incidents, leading platform specific investigations, response, and remediation activities under the direction of the Security Operations Centre / Enterprise Security. About you: Secure adoption & integration of AWS, Azure, GCP using security-as-code & secure-by-design principles. Having worked in embedding & maturing security products/services within agile & DevOps environments. Cloud security automation: designing, coding, and orchestrating security tools. Threat modeling, security user stories, & red teaming (security testing, code review, abuse case testing). Developing security design patterns & deployment guides aligned to enterprise security standards. Promoting a security-first culture within development teams. Collaboration & Stakeholder Engagement – Ability to work cross-functionally with developers, engineers, and security teams. Problem-Solving & Critical Thinking – Quickly identifying and mitigating security risks. Technical Proficiency Programming & Scripting: Prior experience in any of the following languages: Python, Node.js, Bash, Golang, Java. Cloud & Infrastructure: AWS (IAM, Logging, SSM, KMS, ACM), serverless (Lambda, DynamoDB, Cognito), containers (Docker, ECS). Security Controls & Authentication: OIDC, security tooling (Clair, Github Advanced Security). DevOps & CI/CD: AWS-native tools (CloudFormation, CodeBuild, CodePipeline), Artifactory. Sound like you? That's a good sign! In return for your energy and ideas, we offer a flexible working environment and great compensation. We always support a safe, healthy, engaging, and productive working environment for all employees and workers, whether that be in your home and office, or a combination of both. We're Latitude, partners in money. Latitude may seem like the new kid on the block, but it's taken us almost a hundred years to become an overnight success. Digital payments, cards and loans is what we offer - but what we really are is a platform that helps people shop and live better. Always living and breathing our values: Take Ownership, Pursue Excellence, Win Together and Create Tomorrow. We're not engaging any recruitment agencies for this role, so if you're interested, please apply directly!Successful applicants will be required to complete a background check (including criminal history and bankruptcy check) prior to commencement of employment. Only open to Australian or New Zealand Permanent Residents or Citizens. #J-18808-Ljbffr