Role Overview
You will be a seasoned security professional responsible for acting as the primary interface between customers security teams and internal product, engineering, and compliance stakeholders at audax. Your role will involve understanding customer security and regulatory requirements, mapping them to product security controls, and guiding customers towards mutually acceptable security outcomes. Additionally, you will provide security architecture and risk oversight across project lifecycles.
Key Responsibilities
- Act as the primary security point of contact for customer security, risk, and compliance teams.
- Build and maintain trusted relationships with bank stakeholders, including CISO, Technology Risk, Compliance, Audit, and Operations teams.
- Lead security discussions, assessments, and reviews with customers to understand their security, regulatory, and risk requirements.
- Translate and harmonize multiple customer and regulatory standards into a unified set of product security controls.
- Assess product architectures for security risks and control effectiveness.
- Advise on data protection, privacy, and data residency requirements.
- Support internal teams on customer security expectations and regulatory interpretations.
- Support internal security and risk initiatives, including architecture reviews and project implementations.
- Collaborate with internal security, risk, and compliance teams to improve security standards and assurance processes.
Qualification Required:
- 8+ years experience in cybersecurity delivery, technology risk, or security consulting within financial services.
- Strong background in baseline security controls and control assurance in a banking context.
- Experience working in a vendor or managed services environment serving banking clients.
- Strong working knowledge of security and regulatory standards such as ISO27001, CIS, GDPR, MAS TRM.
- Solid understanding and hands-on experience in cloud security, container and platform security, application security, threat modeling, and security risk assessments.
- Knowledge of data protection and privacy requirements.
- Strong communication skills to explain security concepts to technical and non-technical audiences.
- Ability to manage differing security viewpoints and guide stakeholders towards risk-based outcomes.