About us

Widget Works creates and delivers financial calculators for banks, credit unions, and mortgage brokers. We started primarily as lead generation tools, but with our advanced mortgage pricing support we perform a growing range of loan servicing and prequalification functions.

We’re remote-only (work from home) and give you the flexibility to produce your best work while living life.

Our clients include some of the largest banks in Australia, New Zealand, and USA. We value good relationships with our customers so we care deeply about producing high-quality products to meet their needs.

About this role

We are a security-conscious company, but have a need to formalise this through ISO 27001 certification.

However, this is not about ticking boxes or getting the certificate at the end - we want to implement an effective and resilient security framework that will support our customers, employees, and organisation as we grow.

This is a hands-on role, working closely with the company directors, to guide and implement and maintain our security program over time.

Responsibilities

Lead the ISO 27001 certification process

Develop and maintain security policies and procedures

Conduct internal audits and coordinate external assessments

Ensure we meet our clients' due-diligence and security requirements

Develop and maintain an effective Information Security Management System (ISMS)

Lead risk assessments and maintain the risk register

Manage our third-party vendors to ensure compliance

Implement backup and monitoring of our cloud services and infrastructure

What we are looking for

Strong experience developing and managing ISO 27001 compliance (or similar frameworks; Essential 8, SOC2, etc.)

In-depth understanding of information security principles and risk management

Experience developing effective, needs-based security policies and procedures

Technical understanding of cloud services and infrastructure, where our main cloud services are:

Amazon AWS

Microsoft Azure

Heroku

Cloudflare

Ideally with experience developing and implementing backup and configuration management within those environments.

Benefits

Remote work!

Friendly, fun and flexible workplace

Allowance to help set up your home office and workstation

Remote details

Preferred Timezone: +/- 2 hours of Brisbane AEST (GMT+10:00)

Interested?

Send us your CV and cover letter highlighting a few points from each of the main sections above.

Given the nature of our clients, the successful applicant must live in Australia and complete a Police background check.