Enterprise Security Architect
Why Tyro?
At Tyro, we’re into business big time. Through our integrated payments, banking and lending solutions, we’re here to ensure nothing stands in the way of Australian business success. With over 21 years' experience under our belt, we know what it takes to build something great, which is why we combine the best people, technology, and partners to deliver simplified payments and seamless business banking to our customers. We’re proud to power more than 76,000 merchants across Australia and to work with almost 800 partners to create seamless experiences for hospitality, retail, services and health providers.
It starts with You.
Just like our customers, we’re obsessed with the success of our people. So, when you come onboard, we’ll give you all the support you need to do your best work. Our close to 600 Tyros are a highly collaborative team, so you’ll get to work with smart, motivated and friendly people across Tyro. We are fast paced and innovative and strive to live our values everyday – commit to greatness, stay hungry, wow the customer, be good and win together! We are big enough for you to have opportunities to have a career at Tyro and small enough that you can have a real impact. As we continue our mission to shake things up and make payments the easiest part of doing business, you’ll have the opportunity to learn new skills with hands-on experience, further your career, and help unleash the potential of our customers, one payment at a time.
🎥 Step inside life at Tyro here.
About the role
The Tyro Security Architecture function is responsible for defining, governing and evolving security architecture practices across Tyro. The role partners closely with engineering, architecture, product and business stakeholders to ensure security is embedded into technology solutions by design while enabling business objectives and innovation.
The Security Architect provides technical leadership across AI, cloud, applications, infrastructure, data and emerging technologies. The role develops security architecture standards, reference patterns and security controls, conducts architecture and design reviews, performs threat modelling activities and provides strategic guidance to ensure solutions are secure, resilient and aligned with Tyro's risk appetite and regulatory obligations.
Influencer 20% | Strategist 10% | Execution 70%
What you'll do
• Develop and maintain a deep understanding of Tyro's Payments, Banking and Health products, technology platforms and business objectives.
• Define and maintain security architecture principles, reference architectures, standards, reusable patterns and security guardrails.
• Conduct AI-focused security architecture reviews and threat modelling for new and existing AI use cases, assessing risks such as data leakage, prompt injection, model misuse, insecure integrations, excessive agency and inappropriate access to sensitive data.
• Provide security architecture leadership and guidance across strategic initiatives, projects and business-as-usual technology activities.
• Partner with Enterprise Architecture, Solution Architecture, Engineering and Product teams to embed security-by-design principles throughout the technology delivery lifecycle.
• Conduct security architecture reviews, threat modelling exercises and design assessments for new and existing solutions.
• Define security requirements and security controls for cloud, application, infrastructure, data and third-party solutions.
• Assess emerging technologies and provide guidance on the secure adoption of cloud-native services, AI-enabled solutions and modern engineering practices.
• Review and assess third-party technologies, vendors and strategic technology partnerships from a security architecture perspective.
What you'll bring
• Extensive cyber security experience in security architecture, solution architecture or security engineering.
• Demonstrated understanding of AI and machine learning security risks, including LLM application security, prompt injection, model governance, data protection, identity and access controls, monitoring and secure integration patterns.
• Familiarity with emerging AI security frameworks and guidance, such as OWASP Top 10 for LLM Applications, NIST AI RMF, ISO/IEC 42001 or equivalent industry practices.
• Strong understanding of cloud, infrastructure, application, identity and data security.
• Demonstrated experience designing and securing AWS and/or Azure environments.
• Experience conducting threat modelling and security design reviews.
• Strong understanding of secure software development and DevSecOps.
• Knowledge of CPS234, ISO27001, CIS Controls and PCI DSS.
• CISSP, CCSP, SABSA, TOGAF or equivalent certification.
Nice to have
• Financial services, payments, banking or health industry experience.
• Container and Kubernetes security experience.
• Zero Trust Architecture experience.
• AI, privacy and data security experience.
• AWS Security Specialty or Azure Security certification.
What’s in it for you?
We’ve worked hard to create an environment that’s big on diversity, inclusion, and flexibility, and one that suits the changing needs of team members across Australia. Here are just some of the things Tyros tell us they love about working here.
You’ll also receive:
A mix of in-office and remote working (3 days in the office)
Learning and career development opportunities
18 weeks paid primary carers leave
12 weeks paid secondary carers leave
Annual team-based volunteer day
Birthday Leave
Power Up Day (Additional day of leave)
Weekly team social events, snacks, craft beer and wine, ping pong and video games
Taco Tuesdays
Mental health and wellness initiatives
Novated leasing
Tyro is committed to a diverse, inclusive workplace where everyone thrives. We welcome applicants of all backgrounds and are an equal opportunity employer. If you need accommodations or adjustments at any stage of the recruitment process, simply inform our Talent team during your conversation with them.
Still with us?
If you’ve got this far, then you might just be a great fit for us. Don’t tick all the boxes above? That’s ok, apply anyway and our Talent team will review your profile - you might be a fit for future roles.
#LI-Hybrid
- Department
- Risk
- Role
- Security
- Locations
- Sydney
- Remote status
- Hybrid