Australia’s financial services sector sits at the epicenter of cyber risk. As digital banking, real-time payments, and cloud-driven investment platforms continue to expand, security leaders are being asked to do far more than defend infrastructure. Today’s cyber executives must balance regulatory complexity, operational resilience, and business enablement, all while navigating an increasingly sophisticated threat landscape. The individuals shaping this evolution are not only strengthening defenses but also redefining how cybersecurity integrates into enterprise strategy.
The following leaders represent some of the most influential voices helping guide financial services organizations through this transformation. While many hold Chief Information Security Officer titles, others operate in adjacent executive roles that carry equal strategic weight. Several have transitioned into new positions recently, yet their impact and leadership continue to shape the industry’s cybersecurity trajectory.
Joys Tandian — Chief Information Security Officer, Smartgroup Corporation
With more than 15 years of experience spanning governance, compliance, and enterprise security program development, Joys Tandian brings deep operational rigor to the evolving cybersecurity demands of financial services. Her expertise across PCI DSS and ISO 27001 compliance, combined with her work designing governance frameworks and vulnerability management strategies, reflects a holistic understanding of both regulatory and technical security requirements.
Since stepping into the CISO role at Smartgroup Corporation in 2025, Tandian has focused on strengthening data protection and vendor risk management practices while elevating organizational security awareness. Her ability to translate complex compliance frameworks into actionable enterprise-wide programs continues to position her as a trusted security leader capable of aligning protection strategies with business growth.
Ciaran Moloney — Head of Tech Risk & Cyber, Formerly Dexus; Former Head of Cyber and Technology Risk, AMP Capital
Although not always holding the CISO title, Ciaran Moloney has built a reputation as a highly influential cybersecurity and technology risk executive within Australia’s financial ecosystem. His leadership has spanned large-scale operating model design, enterprise risk transformation, and complex technology modernization initiatives across major financial institutions.
Moloney’s ability to connect cyber risk with tangible business outcomes has been a defining element of his career. At AMP Capital, he played a pivotal role in strengthening technology risk governance, while his time at Dexus demonstrated his ability to streamline risk remediation through centralized systems and education programs. His track record managing large budgets and driving cost efficiencies underscores his strategic and commercially focused approach to cybersecurity leadership.
Mark Smink — Director, Information Security, Formerly Brookfield Asset Management
Mark Smink’s leadership in information security reflects a strong blend of pragmatic innovation and enterprise risk management expertise. During his tenure at Brookfield Asset Management, he played a critical role in shaping regional security programs across Australia and Asia Pacific, ensuring security strategies remained aligned with both business objectives and evolving threat landscapes.
Smink has demonstrated particular strength in third-party risk governance, policy development, and disaster recovery planning, areas that have become increasingly vital as financial institutions rely more heavily on complex vendor ecosystems. Even following his time at Brookfield, his influence continues to resonate through the programs and teams he helped establish, reinforcing his reputation as a security leader focused on resilience and long-term operational sustainability.
Thipe Khaole — Chief Information Security Officer, Alexforbes
Thipe Khaole brings a deeply values-driven leadership style to cybersecurity, grounded in discipline, transformation, and continuous professional growth. His career reflects a commitment to strengthening security across operational, tactical, and strategic levels, allowing him to lead complex transformation programs that support evolving business priorities.
As CISO at Alexforbes, Khaole has been instrumental in advancing enterprise security strategies while promoting a culture of accountability and continuous improvement. His ability to integrate structured governance with forward-looking transformation initiatives highlights a leadership approach that balances technical depth with organizational empowerment.
James Ng — Chief Information Security Officer, Insignia Financial
James Ng’s global experience across multiple continents provides him with a unique perspective on managing cyber risk in increasingly interconnected financial environments. With credentials including CISSP, CISA, GSOM, CCSK, and GAICD, Ng combines technical expertise with executive governance capabilities.
At Insignia Financial, Ng is focused on building high-performing security cultures that prioritize collaboration between cybersecurity, risk, and business leadership. His background spanning audit, security operations, and technology risk enables him to deliver security strategies that are both operationally effective and aligned with long-term enterprise governance goals.
Nitin Singh — Head of Cyber Security, Bank First
Nitin Singh represents a new generation of cyber executives who blend security leadership with broader digital transformation expertise. Drawing from experience as both a CISO and CIO, Singh applies systems thinking and first-principles design to modernize cybersecurity frameworks while maintaining operational agility.
At Bank First, Singh is leading cybersecurity uplift initiatives aligned with APRA CPS 234 requirements, strengthening vendor governance, resilience planning, and enterprise risk management. His emphasis on purpose-driven leadership and stakeholder collaboration reflects a forward-looking approach that prioritizes both security maturity and sustainable business growth.
Cody Kieltyka — Chief Information Security Officer, Australian Payments Plus
Cody Kieltyka plays a vital role in safeguarding one of Australia’s most critical financial infrastructures. As CISO of Australian Payments Plus, he is responsible for securing the technologies that enable the nation’s rapidly evolving digital payment ecosystem.
Kieltyka’s leadership focuses on ensuring operational resilience and protecting high-volume payment environments that demand both speed and reliability. His role requires balancing stringent regulatory expectations with the need to support continuous innovation in payment technologies, positioning him as a key figure in securing Australia’s financial transaction landscape.
Shaping the Future of Cybersecurity in Financial Services
As financial services organizations accelerate digital transformation, cybersecurity leadership is evolving from a defensive function into a core driver of enterprise strategy. The leaders highlighted here demonstrate how security can enable innovation, strengthen trust, and support regulatory alignment simultaneously.
From building governance frameworks and reshaping operating models to strengthening payment infrastructure and embedding cyber resilience into organizational culture, these professionals are helping redefine what effective cybersecurity leadership looks like in modern financial services. As the sector continues to face new technological and regulatory challenges, their influence will likely play a central role in shaping Australia’s financial security landscape for years to come.