Jean-Baptiste Bres

Chief Information Security Officer

Super Risk Symposium - Melbourne 14/08

I was honoured to be one of the speakers at the Super Risk Symposium organised by the AIST in Melbourne on 14/08.

It was a great session, on the impact of the new CPS 234 regulation, thanks to Rob Pickering who facilitated the debate and to Joss Howard and Matt O'Keefe for their great insights.

UNADJUSTEDNONRAW_thumb_126

Security Designer @ Xinja

Last but not least, we are also hiring a Security Designer, a strategically critical role in defining and assessing Xinja’s security strategy, architecture and practices.

If you think this is something for you, contact me or visit Xinja career website for more information.

Security Designer

Info Sec GRC Manager @ Xinja

Another great opening in the Xinja Security Team. We are looking for an Information Security GRC Manager!

This is a key role for the organisation: You will manage the information risk and security governance, focussing on raising standards and awareness, as well as providing assurance and monitoring compliance with policies and standards.

If you think this is something for you, contact me or visit Xinja career website for more information.

More openings coming soon…
😉

Screen Shot 2019-08-05 at 10.15.51

DevSecOps role @ Xinja

Another great new security-related role we are recruiting for at Xinja: we are looking for a DevSecOps engineer with a focus on security automation. You’ll be embedded in the DevOps team to facilitate continuous delivery of secure, quality software to the Xinja Banking Platform using DevSecOps practices and principles. You’ll need to have a broad cross section of skills along with a strong consultative approach.
You’ll work with software engineers and security experts to ensure that the right practices are in place and to take the security lead on automating the path to production to enable deployment of changes with no manual intervention and in a highly secure manner.
We run a small, crack team of DevOps engineers to help us to build out a world class continuous integration and delivery pipeline for the Xinja Banking Platform as we continue to scale at pace. You will ensure security standards are upheld and secure coding practices maintained.
You should know that we do things a little differently at Xinja. You won’t be micromanaged and will have the flexibility to choose the tools you need to get your work done. Along with the team you work with, you’ll be given autonomy on how you design and build DevSecOps processes as long as it stays within the guidance of the Xinja Software Development Lifecycle and Information Security Management System. You should be comfortable with pushing new tools and processes and challenging the norms of secure software development and deployment.

If you think this is something for you,
contact me or visit Xinja career website for more information.

More openings coming soon…
😉

DevSecOps

Security Analyst role @ Xinja

I am recruiting a Security Analyst to join the fantastic security team at Xinja. The role will be responsible for assisting in building upon and improving Xinja’s Information Security Program. You will be the primary technical security resource in a small team responsible for the day-to-day operations of the security of all things Xinja.

If you think this is something for you, contact me or visit Xinja career website for more information.

More openings coming soon… 😉

Security Analyst

Super Risk Symposium - Melbourne 14/08

I am very honoured to be one of the speakers at the next Super Risk Symposium organised by the AIST in Melbourne on 14/08. I will be discussing being CPS compliant with 2 great experts: Joss Howard (Head of Risk Management and Governance Consulting, APAC, NCC Group) and Matt O'Keefe (Partner, KPMG).

Information security is all about risk management. With APRA’s CPS 234 framework now live, how do funds need to be secured and why? What is an acceptable risk? And what is the lasting impact if valuable data is compromised, exposed or unavailable?
This session will explore how funds are demonstrating compliance with the new prudential standard and the strategies being used in safeguarding systems against information security threats.

[Update] Info and tickets at https://bit.ly/2GGHp8v

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003, citing the discovery of a “wormable” flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017. Read more at http://bit.ly/2Xr3Kgv

First State Super integrates advice, overhauls leadership


First State Super has fully integrated its financial advice business, StatePlus.

In a move aimed at making financial advice accessible for all its members, the $70 billion fund has brought its financial advice business StatePlus in-house. Read more at http://bit.ly/2XqxFFu

"Implementing CPS 234" conference

I am very proud and excited to be one of the key speakers at the "Implementing CPS 234" conference on 3rd May in Sydney.

I will be talking on how to build an information security policy framework that is agile to changing threats.

What the Marriott Breach Says About Security

Marriott disclosed earlier this week a four-year-long breach. It involved the personal and financial information of 500 million guests of some of its hotel properties.
What could have gone so wrong that such a breach remained unnoticed for so long? This great article shares some considerations around the security postures that companies take on, and why they work... or not.

Facebook Security Breach Exposes Accounts of 50 Million Users

Facebook is breached, putting 50 Million users’ data at risk. Great time to ask yourself what data you are making available on the net, and what would you do if it ends ends available to all because of a breach? Maybe it’s time to close your social network accounts that are not providing you any real value?...

Thank You Steve

Steve Jobs

Thank You Steve,
None of that would have been possible without you.