Lead Cyber Security Adviser

We are seeking a skilled Cyber Security Adviser to support critical ICT security initiatives within a high-performing Cyber Security team. This role plays a key part in strengthening system authorisation processes, managing cyber risk, and ensuring alignment with government security frameworks.

You will provide technical security advice across projects and programs, working closely with business and system owners to enhance security posture and maintain compliance.

KEY RESPONSIBILITIES

1. Contribute to system authorisation activities by developing and reviewing security artefacts such as:

• Security Risk Assessments
• System Security Plans (SSPs)
• Plans of Action and Milestones (POA&Ms)

2. Support business and system owners to achieve and maintain Authorities to Operate (ATO)
3. Identify, assess, and assist with implementation of security controls in line with:

• Australian Government Protective Security Policy Framework (PSPF)
• Information Security Manual (ISM)
• Cyber Security Policy Guidelines

4. Analyse and document security risks, recommending effective mitigation strategies
5. Build and manage strong stakeholder relationships across technical and business teams
6. Support agreed service levels and ensure timely delivery of outcomes
7. Contribute to development of security policies, procedures, and strategies
8. Drive continuous improvement of cyber security services and processes
9. Educate and uplift staff awareness of security policies and best practices

Desirable Qualifications

• Certifications such as CISSP, CISM, CISA, or CRISC
• ASD IRAP certification (or working towards)
• Knowledge of ISO 31000 risk management framework
• Familiarity with ISO/IEC 42001:2023 (AI Management Systems)
• Cloud security certifications:
  • Azure Security Engineer (AZ-500)
  • AWS Certified Security - Specialty (SCS-C02)
• Exposure to AI security or audit training (e.g., ISACA)