Head of Security and Technology

Who we are?

Named as one of Australia’s Top 5 employers with under 100 employees, for the last 4 years OnDeck has grown to become one of Australia’s largest locally owned online small business lender’s. At OnDeck, we are changing the way business owners borrow money by combining our passion for small business with cutting-edge technology. We evaluate businesses based on their actual performance, using real time data which enables us to say “yes” more often, to more business owners, faster than traditional lenders. We have helped thousands of small business owners across Australia access short term, unsecured finance to drive their business growth and enable more opportunities.

About the role:

We’re seeking a strategic and execution-focused Head of Security & Technology to lead and evolve our technology and cybersecurity function at OnDeck Australia. In this role, you’ll be building and operationalizing a modern security program that protects our customers and empowers our business and technology teams, as well as managing a small team that supports the day-to-day of IT operations.

You’ll be a thought partner to senior leadership, guiding risk decisions, maturing controls, and shaping the cybersecurity roadmap. If you're passionate about building scalable programs in dynamic fintech environments, this is your opportunity to make a lasting impact.

Key Responsibilities include:

• Lead the development and implementation of OnDeck’s cybersecurity strategy aligned to industry standards (e.g., ISO 27001, NIST, etc.).
• Lead the planning and execution of cybersecurity initiatives ranging from policy rollouts to security tooling, ensuring they are delivered on time and align with business priorities
• Oversee all IT infrastructure, ensure high availability and performance of all systems.
• Manage vendor relationships, software licensing and hardware procurement.
• Act as the primary security advisor to business leaders, communicating clear, risk-informed recommendations.
• Present security posture and risk insights to senior executives, boards, and governance forums.

Skills required:

• 10+ years’ of experience in cybersecurity, technology risk and IT Operations within financial services, fintech or SaaS environments
• Strong knowledge of control frameworks (e.g., ISO 27001, NIST CSF, SOC2) and regulatory requirements such as Australian Prudential Regulation Authority (APRA) or the Office of the Australian Information Commissioner (OAIC)
• Experience building and leading cybersecurity programs across SaaS heavy, hybrid or cloud-native environments
• Background in technology, software engineering, or DevSecOps is highly valued.
• Experienced in managing Production Support/Shared Services and partnering with SaaS vendors to ensure optimal up-time and platform stability
• Big 4 or consulting background a plus
• Track record of influencing senior stakeholders and driving outcomes across technical and non-technical teams
• Excellent communication skills and ability to turn complex security topics into clear business language
• Strong analytical mindset with a bias for action and continuous improvement

Why Work for OnDeck

Where do we begin? There’s plenty of reasons we’ve been named an Australian Top 5 Employer four years running!

To name a few, at OnDeck, you will:

• Literally change the landscape of small businesses one conversation at a time!
• Have a meaningful impact on the company’s future, and share in the rewards accordingly
• Work in an inclusive, fast-paced environment

What we offer you:

• An open-minded, collaborative workplace, which will both challenge you and celebrate your work
• Be part of a growing, innovative fintech making a real impact for small businesses
• Lead brand-building initiatives with autonomy and creativity
• Great CBD location with a fully stocked kitchen
• Regular team building events
• Ongoing health & well-being initiatives