ORDE Financial

Security Engineer

ORDE Financial  •  Commonwealth of Australia (Onsite)  •  4 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

ABOUT ORDE FINANCIAL

ORDE is a nonbank lender of 200+ employees built exclusively for brokers, combining human and credit expertise with innovative technology to help brokers build stronger futures for their clients. We reflect the reality of today’s borrowers, from SMEs with complex needs to near-prime clients seeking clearer paths forward.

Since 2020, ORDE has funded more than $10b in loans and supported over 16,000 borrowers – all through brokers. We offer Residential, Commercial, SMSF and Construction loans and other specialised solutions, with fast decisions, deep credit insight and a streamlined digital experience.

We are passionate (and a bit obsessed…) about being disruptive and pushing hard to improve the experience and results for mortgage brokers. Our purpose “Built for Brokers” is clear and simple and define our entire strategy (delivering better experiences, more value and opportunity, anticipating more needs and communicating more solutions, for brokers and their customers).

ABOUT THE ORDE INCOME FUND

ORDE recently introduced the ORDE Income Fund (the Fund), a registered retail managed investment scheme investing in Australian mortgage assets. It is unlisted, open-ended and currently offers a 12-month pooled mortgage investment product.

The Fund is intended to become a key pillar of ORDE and the leading public expression of ORDE as both a non-bank lender and Australia’s highest quality asset manager within its asset class.

The Fund has exceeded $100m in funds under management and is scaling though early-stage capital raising, with a full retail launch pending.

ABOUT THE ROLE

We’re seeking a Security Engineer to act as a key in-house security SME within a blended IT and Security Operations team. This is a mid-level, hands-on role focused on improving day-to-day security operations,
while working closely with Technology Operations so that smaller, repeatable and well-defined security activities can be shared across the broader
operations team. You will support incident response, security and compliance obligations, security partners, and practical controls across identity, endpoint, Microsoft 365, SaaS platforms, integrations and other cloud-based business systems, helping embed security into how the technology team operates every day.

Your key responsibilities will
include:

  • Act as a key in-house security SME within the Security and IT team, providing practical guidance on security operations, compliance obligations, technology change and control design.
  • Lead the triage, coordination and improvement of security incidents, working with internal teams and external security partners where appropriate.
  • Help prioritise security uplift by assessing threats, control gaps, regulatory expectations, business impact and operational effort.
  • Improve and assure core security controls across areas such as identity, endpoint, Microsoft 365, SaaS platforms, integrations, cloud-based business systems, vulnerability management and user security.
  • Support information protection and data security controls, including the secure handling of company, broker and customer information.
  • Support identity and access management controls, including privileged access, access reviews, joiner/mover/leaver processes and MFA-related controls.
  • Provide pragmatic security input into technology change, projects and vendor implementations so risks are identified early and controls are workable.
  • Work with the broader Security and IT team to embed security into service management, access management, endpoint management, change processes, documentation and day-to-day operations.
  • Maintain practical standards, procedures, playbooks and runbooks so repeatable security activities can be shared safely and consistently across the team.
  • Support vulnerability management, internal assessments, audits, third-party risk reviews, evidence collection and remediation tracking.
  • Contribute to security awareness activities, including training and phishing simulations.
  • Maintain clear security reporting across incidents, control health, vulnerabilities, compliance activity, awareness and uplift progress.
  • Operate with appropriate autonomy, taking ownership of agreed security work while escalating material risks, decisions and priorities through the Head of Security and IT.

Why would we choose you?

  • 3–5 years’ experience in operational cyber security, security engineering, security
    operations or a similar hands-on security role.
  • Strong practical capability across incident response, vulnerability management,
    identity, endpoint, Microsoft 365, SaaS, integrations and cloud-based business
    system security controls.
  • Able to operate as a trusted mid-level security SME in a blended Security and IT team,
    providing guidance without becoming a bottleneck for all security activity.
  • Good judgement in prioritising risk, making practical decisions and communicating
    clearly with technical and non-technical stakeholders.
  • Experience working with MDR, SOC, security monitoring or incident response partners, including managing escalations, challenging findings where appropriate and turning partner outputs into practical actions.
  • Comfortable turning security and compliance obligations into workable controls, procedures,
    evidence, reporting and operational routines.
  • Experience working in, or supporting, regulated environments where security controls,
    audit evidence, risk management and operational discipline matter.
  • Familiarity with security frameworks and standards such as the ACSC Essential Eight, ISO
    27001, NIST CSF or similar.
  • Strong documentation, prioritisation and ownership, with a bias toward practical
    improvement over theoretical security.
  • Security certifications are beneficial but not essential; proven judgement, ownership
    and delivery matter most.

Why would you choose us?

  • We are a fast-growing successful company.
  • We think it’s exciting to be part of a team which is building something which will make
    a difference.
  • We are focused, disruptive, think outside of the box and will encourage you to try new
    things.
  • We really care about our people and want them to have the best experience of their
    career.
  • We guarantee fun, a challenge, learning and growth!
  • We embrace being challenged through diversity of thoughts.
  • We have a highly collaborative culture and provide an inclusive, enjoyable office
    experience for all staff.
  • We are Melbourne based and think being in the office all together is important and we
    think working from home is too: three days in the office (Mon-Tues-Thurs), two
    days at home.
  • We remunerate well and reward high performance.
ORDE Financial

About ORDE Financial

ORDE Financial is an Australian non-bank mortgage lender, purpose built to help mortgage brokers provide the best experience and outcomes for borrowers.

ORDE offers a comprehensive and flexible product range of Residential, Commercial and SMSF loans, all delivered with our solutions focused "can do" approach to non-bank lending.

ORDE only accepts loan applications via mortgage brokers. This means our only priority is to be non-bank, lender of choice for mortgage brokers and their customers.

At ORDE’s core is a team committed to high level service. Our team’s deep experience and standard accessibility makes obtaining approvals straightforward, requiring less effort from brokers and borrowers.

For brokers wanting improved non-bank lending standards ORDE changes the future of your business and your clients.

Industry
Finance & Insurance
Company Size
51-200 employees
Headquarters
Melbourne, AU
Year Founded
2019
Social Media