Lead Cyber Security Adviser

• System Authorisation: Develop and review security artefacts, including Security Risk Assessments, Plans of Actions & Milestones (POA&Ms), and System Security Plans (SSPs).
• ATO Support: Assist business and system owners to attain and maintain ATOs.
• Control Implementation: Identify, test, assess, and help implement applicable security controls in line with Cyber Security Policy Guidelines, the Australian Government Protective Security Policy Framework (PSPF) and the Information Security Manual (ISM).
• Risk Advisory: Analyse and document security risks; recommend practical treatments and improvements to security practices and procedures.
• Stakeholder Management: Build and manage effective relationships with diverse stakeholders to achieve work area goals.
• Service Management: Maintain agreed service levels and drive continuous improvement in cyber services.
• Policy & Uplift: Contribute to security policies, procedures, projects, and broader strategies.
• Education & Awareness: Promote understanding and adherence to security policy and processes across the department.

What you'll bring (Essential)

• Extensive experience with risk and information security frameworks, policies and standards, including PSPF and ISM, and international standards (ISO 27001/2).
• Demonstrated experience in security risk assessments and developing security authorisation artefacts to support systems achieving ATO.

Nice to have (Desirable)

• Hands‑on security experience in complex ICT environments.
• Strong stakeholder management skills and the ability to translate security concepts for non‑technical audiences (written and verbal).
• Awareness of global cyber security trends, attack vectors and techniques.
• Experience working within Federal Government environments.

How to apply

Please provide a one‑page pitch (up to 5,000 characters) addressing the Essential and Desirable criteria, outlining your most relevant achievements, outcomes, and how you meet the role requirements.