We’re hiring: Head of Information Security
22/04/2026 22:21 Filed in: Posts
📍 Sydney (Hybrid) | 🏦 Financial Services | 🛡️ Information Security Leadership
We’re seeking a Head of Information Security to lead and elevate AMP’s enterprise‑wide cyber capability at a pivotal time for the organisation.
This is a highly strategic and influential role, responsible for shaping AMP’s cyber resilience, strengthening regulatory posture and enabling the secure delivery of digital products and services. You’ll lead an end‑to‑end security function spanning governance, architecture, engineering, operations and incident response, ensuring security is embedded by design and supports business innovation.
Working closely with senior technology, risk and business leaders, you’ll translate complex cyber risk into clear business decisions, guide investment priorities and drive a shift towards a proactive, risk‑based and continuously improving security posture. You’ll also play a critical role in executive decision‑making during cyber incidents and in strengthening AMP’s overall security maturity.
You’ll be a great fit for this role if you have:
At AMP, we operate lean and close to the action. You’ll have direct influence on strategic decisions, the autonomy to lead meaningful change and the opportunity to build and shape a high‑performing security function. If you’re adaptable, resilient and thrive in environments where you can balance strategy with execution, you’ll do well here.
If you’re ready to lead security at scale and help shape the future of cyber resilience at AMP, we’d love to hear from you.
➡️ Apply now: Head of Information Security
We’re seeking a Head of Information Security to lead and elevate AMP’s enterprise‑wide cyber capability at a pivotal time for the organisation.
This is a highly strategic and influential role, responsible for shaping AMP’s cyber resilience, strengthening regulatory posture and enabling the secure delivery of digital products and services. You’ll lead an end‑to‑end security function spanning governance, architecture, engineering, operations and incident response, ensuring security is embedded by design and supports business innovation.
Working closely with senior technology, risk and business leaders, you’ll translate complex cyber risk into clear business decisions, guide investment priorities and drive a shift towards a proactive, risk‑based and continuously improving security posture. You’ll also play a critical role in executive decision‑making during cyber incidents and in strengthening AMP’s overall security maturity.
You’ll be a great fit for this role if you have:
- Proven experience leading enterprise‑scale information security functions in complex, regulated environments
- Deep expertise across security architecture, cyber defence, operations and incident response
- Strong capability in domains such as IAM, threat detection, vulnerability management and secure‑by‑design practices across cloud, data and applications
- Experience translating threat intelligence into actionable strategies and leading during high‑impact cyber incidents
- A forward‑looking perspective on emerging risks, including AI‑driven threats and post‑quantum security considerations
- The ability to influence senior stakeholders and communicate cyber risk in clear business terms
At AMP, we operate lean and close to the action. You’ll have direct influence on strategic decisions, the autonomy to lead meaningful change and the opportunity to build and shape a high‑performing security function. If you’re adaptable, resilient and thrive in environments where you can balance strategy with execution, you’ll do well here.
If you’re ready to lead security at scale and help shape the future of cyber resilience at AMP, we’d love to hear from you.
➡️ Apply now: Head of Information Security
Cybersecurity Study Group: (ISC)² Certified in Cybersecurity (CC)
Great to see the ISC2 Sydney Chapter launching its first pilot CC Study Group yesterday!
This initiative is all about helping members prepare for the Certified in Cybersecurity (CC) exam through shared learning and open discussions. During the session, Edward F. and I had the privilege of facilitating conversations around key domains and question strategies, but the real value came from the group’s engagement, curiosity, and collaborative spirit.
A big thank you to everyone who joined and contributed to the conversations. It’s exciting to see how this program can continue to grow and support aspiring cybersecurity professionals in Sydney.
Looking for more?
▶️ A series of articles I published back in 2023 covering all the areas of knowledge required to earn the ISC2 CC certification:
This initiative is all about helping members prepare for the Certified in Cybersecurity (CC) exam through shared learning and open discussions. During the session, Edward F. and I had the privilege of facilitating conversations around key domains and question strategies, but the real value came from the group’s engagement, curiosity, and collaborative spirit.
A big thank you to everyone who joined and contributed to the conversations. It’s exciting to see how this program can continue to grow and support aspiring cybersecurity professionals in Sydney.
Looking for more?
▶️ A series of articles I published back in 2023 covering all the areas of knowledge required to earn the ISC2 CC certification:
We’re hiring: Senior Cyber Defence and Response Specialist
06/03/2026 12:09 Filed in: Posts
📍 Sydney (Hybrid) | 🏦 Financial Services | 🛡️ Cyber Defence & Incident Response
We’re continuing to strengthen our Cyber Defence Centre at AMP and are recruiting a Senior Cyber Defence and Response Specialist to help protect an iconic Australian financial institution during a period of genuine transformation.
This is a hands‑on, technical role at the heart of our cyber operations. You’ll be detecting, investigating and responding to sophisticated threats across a complex enterprise environment, while helping us move towards a more proactive, intelligence‑led defence model. Beyond BAU response, you’ll play a key role in improving detection, threat hunting, automation and incident response maturity across AMP.
You’ll be a great fit for this role if you have:
At AMP, we’re intentionally lean, inclusive and outcomes‑focused. You’ll be close to the action, encouraged to challenge the status quo, and supported by leaders who genuinely value strong security thinking. If you enjoy variety, taking ownership, and seeing your work directly improve organisational resilience, you’ll feel at home here.
If you’re keen to protect what matters today and help shape how cyber defence is done tomorrow, we’d love to hear from you.
➡️ Apply now: Senior Cyber Defence and Response Specialist
We’re continuing to strengthen our Cyber Defence Centre at AMP and are recruiting a Senior Cyber Defence and Response Specialist to help protect an iconic Australian financial institution during a period of genuine transformation.
This is a hands‑on, technical role at the heart of our cyber operations. You’ll be detecting, investigating and responding to sophisticated threats across a complex enterprise environment, while helping us move towards a more proactive, intelligence‑led defence model. Beyond BAU response, you’ll play a key role in improving detection, threat hunting, automation and incident response maturity across AMP.
You’ll be a great fit for this role if you have:
- Strong, hands‑on experience in incident response, threat hunting and security event analysis
- Solid capability across SIEM, XDR, endpoint, WAF and cloud security controls
- Experience working in large, regulated enterprise environments
- Practical knowledge of frameworks such as MITRE ATT&CK, NIST and cyber kill chains
- A calm, analytical approach and the ability to perform well in fast‑paced situations
At AMP, we’re intentionally lean, inclusive and outcomes‑focused. You’ll be close to the action, encouraged to challenge the status quo, and supported by leaders who genuinely value strong security thinking. If you enjoy variety, taking ownership, and seeing your work directly improve organisational resilience, you’ll feel at home here.
If you’re keen to protect what matters today and help shape how cyber defence is done tomorrow, we’d love to hear from you.
➡️ Apply now: Senior Cyber Defence and Response Specialist
Geopolitics Is Now a Technology Risk
Geopolitics has become a direct and material technology risk, and it now firmly belongs on the CISO’s agenda. 🌐 Trade disputes, sanctions, cyber espionage, and digital sovereignty are reshaping where data lives, who can access it, and how resilient our platforms really are.
Our dependence on globally distributed supply chains and a small number of predominantly US-based ☁️ cloud providers has concentrated high‑value data and critical services in a few strategic locations. In a heightened geopolitical environment, cloud data centres are now strategic infrastructure, and disruptions—malicious or not—can quickly become systemic business events.
In this article, I explore why technology is uniquely exposed to geopolitical shocks and what CISOs and technology leaders should be doing now to factor geopolitics into cloud, availability, and resilience planning.
Cybersecurity Study Group: (ISC)² Certified in Cybersecurity (CC)
Looking forward to our pilot Cybersecurity Study Group session with Edward F.! 🚀
If you’re interested in the (ISC)² Certified in Cybersecurity (CC) certification, this is your chance to study with peers, ask questions, and learn from industry professionals.
If you’re interested in the (ISC)² Certified in Cybersecurity (CC) certification, this is your chance to study with peers, ask questions, and learn from industry professionals.
We’re hiring: Senior Security Architect
14/02/2026 10:13 Filed in: Posts
📍 Melbourne (Hybrid) | 🏦 Financial Services | 🔒 Security Architecture
We’re expanding our security team at AMP and hiring a Senior Security Architect to design and implement robust security architectures in a regulated financial environment.
You’ll lead security strategy, architect secure systems, collaborate with engineering teams, and ensure compliance while protecting customer data and operations.
You’ll be great for this role if you have:
🔹 Proven experience in security architecture and design
🔹 Deep knowledge of cloud security, identity management, and threat modelling
🔹 Background in financial services or regulated industries
🔹 Strong communication skills to influence stakeholders
Join us to shape secure financial services innovation and advance your cybersecurity career.
➡️ Apply now: Senior Security Architect
We’re expanding our security team at AMP and hiring a Senior Security Architect to design and implement robust security architectures in a regulated financial environment.
You’ll lead security strategy, architect secure systems, collaborate with engineering teams, and ensure compliance while protecting customer data and operations.
You’ll be great for this role if you have:
🔹 Proven experience in security architecture and design
🔹 Deep knowledge of cloud security, identity management, and threat modelling
🔹 Background in financial services or regulated industries
🔹 Strong communication skills to influence stakeholders
Join us to shape secure financial services innovation and advance your cybersecurity career.
➡️ Apply now: Senior Security Architect
💡 You Can’t Secure What You Can’t See: The Case for SBOMs
Modern software is assembled from countless third‑party and open‑source components. And if you can’t see them, you can’t secure them. 🔎🔐
This article explains why SBOMs (Software Bills of Materials) are becoming essential for managing supply‑chain risk, strengthening incident response, and meeting rising security and compliance expectations.
If you want faster visibility, better control, and fewer surprises in your software stack, this one’s for you.
We’re hiring: Security Services Senior Specialist (AppSec)
28/01/2026 13:10 Filed in: Posts
📍 Sydney (Hybrid) | 🏦 Financial Services | 🔐 Application & Vulnerability Security
We’re expanding our security team at AMP and hiring a Security Services Senior Specialist to lead application security, penetration testing, and vulnerability management.
You’ll own and uplift our AppSec framework, pen‑testing program, and vulnerability lifecycle, shaping engineering practices and protecting millions of customers.
You’ll be great for this role if you have:
🔹 Strong AppSec, pen testing, and vuln‑management experience
🔹 Confidence owning services and improving processes
🔹 Experience in regulated environments
🔹 Ability to turn technical risks into clear guidance
Join us to make a real impact on the future of financial services while growing your career.
➡️ Apply now: Security Service Senior Specialist
We’re expanding our security team at AMP and hiring a Security Services Senior Specialist to lead application security, penetration testing, and vulnerability management.
You’ll own and uplift our AppSec framework, pen‑testing program, and vulnerability lifecycle, shaping engineering practices and protecting millions of customers.
You’ll be great for this role if you have:
🔹 Strong AppSec, pen testing, and vuln‑management experience
🔹 Confidence owning services and improving processes
🔹 Experience in regulated environments
🔹 Ability to turn technical risks into clear guidance
Join us to make a real impact on the future of financial services while growing your career.
➡️ Apply now: Security Service Senior Specialist
We’re hiring: 2x Enterprise Security Architects
08/01/2026 10:10 Filed in: Posts
📍 Sydney (Hybrid) | 🏦 Financial Services | 🔐 Enterprise-scale security
We’re expanding our security leadership capability and are recruiting two Enterprise Security Architects to help shape and protect a complex, customer‑centric financial services environment.
If you’re passionate about designing security that enables the business, working at enterprise scale, and influencing outcomes across cloud, data, and core platforms, this could be a great next step.
➡️ Apply now: Entreprise Security Architect
We’re expanding our security leadership capability and are recruiting two Enterprise Security Architects to help shape and protect a complex, customer‑centric financial services environment.
If you’re passionate about designing security that enables the business, working at enterprise scale, and influencing outcomes across cloud, data, and core platforms, this could be a great next step.
➡️ Apply now: Entreprise Security Architect
💡Agentic AI's Identity Crisis
Agentic AI — autonomous 🤖 agents that can perceive, decide, and act — are entering business workflows fast. But as these non-human “digital workers” multiply, identity has become the hidden challenge.
Most enterprises haven’t extended authentication and access controls to these agents, creating ungoverned digital personas operating at machine speed: a serious security risk.
This article explores why identity is the new frontier of AI security, and how cybersecurity leaders can govern agentic AI safely through strong authentication, lifecycle management, and accountability.
