Xinja is building one of Australia’s first 100% digital banks designed entirely for mobile. We are building a bank with our customers and designed in their interests. Neobanking will disrupt the existing banking model and create a whole new generation of experiences.
Developing one of the first neobanks in the country is an exciting and challenging task. Our ethos is based on a win-win with our customers; if they do well, so do we. We believe it’s time Australians had access to the kind of technology that just allows them to get a lot more out of their money, with less angst.
We extend that attitude to our people and our partners. We look after our staff, and trust them with significant responsibility, but support them well. This is a fantastic opportunity to be part of building a great company, and a fabulous brand, AND learn heaps along the way.
Our 10 golden rules
To be successful at Xinja you are going to need to be happy working with our 10 golden rules
- No dickheads… However good they may be. No dress code, but sometimes you need to look smart :-). No power trips because of a hierarchy. Intellect, customer experience and implementation is all that matters.
- Everything is in the cloud.
- We use real time data to evaluate our business and we reward staff on a quarterly basis with an entirely discretionary profit share. No one gets a share of the profit if our investors aren’t making money and our customers aren’t happy.
- We are here to make money, that’s why we exist, and we don’t screw people over to do it. We don’t lie to our clients in person or in marketing. We don’t engage in immoral lending; if our grandmother would think it was wrong, then it is. We aim to make lots of money ethically and we are proud of it.
- No one is entitled to work at Xinja. It is a huge honour to represent people’s hopes of a new bank and we earn that honour every day.
- We look after our people bloody well. We stand by them if they are in genuine need.
- We are truthful and direct with each other. Everyone says what they think in a robust, challenging, edgy environment. That means we won’t be the right place for everyone to work, and that’s ok.
- We only hire people better than us. We never, ever settle because we need a body. We do psychometric testing to get the best people, every time.
- About half our team, executive and board will be female, if they aren’t we aren’t recruiting the best people. We actively seek all types of diversity combined with brilliance.
- If you discriminate against someone because of who they love/sleep with, you’re a dickhead… Please see rule 1.
Now…let’s talk about you:
The Information Security Governance, Risk and Compliance (GRC) Manager will be responsible for assisting the CISO in building upon and improving Xinja’s Information Security Program. This role is responsible for driving a consistent and proactive approach to supporting governance, risk management and controls activities across our technology function and into the wider business. As part of the Information Security management team and reporting to Xinja’s Chief Information Security Officer, you will be responsible for providing leadership and oversight to a team of consultants and analysts, as well as specialist input as required. This will include supporting risk management and risk acceptance activities; maintenance and oversight of standards; maintenance and assurance of the IT controls framework; managing emerging technology risk within projects; supporting other assurance and audit activities relating to technology; and supporting reporting to governance working groups, forums and committees.
Day to day, you’ll:
- Manage the information risk and security governance, focusing on raising standards and awareness, as well as providing assurance and monitoring compliance with policies and standards;
- Manage, maintain and assure the information security control framework.
- Establish and promote good practice for managing information technology and information security risk, providing support, advice and information where required;
- Provide guidance, direction and reporting to senior management on a range of information technology and information security risk and control issues;
- Support the change functions in the identification, management and assurance of emerging technology risks arising from projects and other change initiatives;
- Manage elements of monitoring, demonstrating appropriate management of risk and compliance with policy.
- Lead by example by being a hands-on manager, and always be fair, open and honest;
- Identify what needs to be done and choose the right people for the job;
- Take an active lead in helping everyone to perform to their best and ensure Xinja’s success;
You should apply if:
- 5 – 10 years experience working in FCC within a retail bank or remitter firm
- Experience working as part of a senior management team.
- Deep understanding and knowledge of Australian Banking regulation and compliance requirements.
- Experience in developing and executing FCC policies.
- Excellent oral and written communication skills.
- Ability to create and maintain positive business relationships.
- Foster the delivery and adoption of new technologies to analyse and manage FCC
- Highly motivated and goal-oriented, with proven leadership qualities.
- Ability to meet deadlines, make independent decisions and utilise sound judgement.
- Demonstrate professionalism, integrity and trustworthiness.
- Significant experience of building and maintaining information security management governance standards
- Significant experience of regulations and legislation associated with technology and information security;
- Significant experience of information technology and information security within Financial Services in Australia;
- Significant experience of risk management tools and methodologies
- Significant experience of 3rd party risk management (relating to technology and security risks)
- Experience of project management principles, tools and methodologies
- Good knowledge of financial services regulatory and legislative frameworks;
- Good knowledge of industry best practice, good networks/links with external bodies and individuals in the same field;
- High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
- High degree of initiative, dependability and ability to work with little supervision while being resilient to change.
- Degree in business or a technology-related field.
- Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials.
A new frontier:
- At Xinja, we believe in embedding the brand in every customer experience, and therefore marketing is core to what we do. Developing the best neobank in the country is an exciting and challenging task. Our ethos is based on a win-win with our customers; if they do well, so do we.
- We believe it’s time Australians had access to the kind of technology that just allows them to get a lot more out of their money, with less angst. We are for profit and for purpose.
- We extend that attitude to our people and our partners. We have an inclusive and diverse culture where we look after our staff and trust them with significant responsibility but support them well. This is a great opportunity to be part of building a great company, and a fabulous brand, AND learn heaps along the way.
If you’re up for this:
Please email your CV to [email protected]
And check out the hiring process we go thru here
Download the full job description here