Introduction This role combines technical delivery, control implementation, framework alignment, and cyber advisory work for our clients. You will play a key role in shaping and uplifting cyber maturity, guiding both internal teams and customers on effective control design, and contributing to the ongoing strength of our cyber standards and processes. As a senior member of the team, you will provide technical leadership, mentor other engineers, and help ensure cyber security outcomes are aligned to recognised standards. You will also be a champion of our vision and values, and act with integrity and purpose, making cyber security clear and accessible for our clients. Description Technical Leadership • Lead design, implementation, and maintenance of cyber security controls across client environments. • Design and implement Essential Eight uplift programs. • Scope and plan cyber security initiatives, including technical controls, cloud security, secure architectures, and maturity improvement programs. • Complete technical project plans and proposals for cyber initiatives. • Assist with the ongoing development of internal standards, and tooling. • Develop policies, products and standards to build internal capabilities. • Act as an escalation point for cyber incidents, response planning, and security investigation. • Guide and mentor the cyber team on technical controls, design decisions, and best practice. • Play a key role in building and developing the cyber team. Governance and Compliance • Provide advisory and consulting services to clients across governance, compliance, and control selection. • Conduct security assessments and audits against relevant standards and frameworks. • Lead ISO 27001 compliance, maintenance and certification activities. • Manage governance, risk, and compliance initiatives. Reporting and Awareness • Prepare technical and executive level reporting, findings, and recommendations. • Drive security awareness across organisation. Skills And Experiences • Significant professional experience in cyber security, technical uplift, or security consulting roles. • Proven ability to design, implement, and measure the effectiveness of security controls. • Demonstrated experience delivering large Essential Eight implementations. • Strong working knowledge of at least 3 of the following: ISM, PSPF, SOCI, NIST CSF, DISP, ISO27001 and SOC 2. • Experience with security tools or practices, such as: EDR, application control, vulnerability management, DLP, IDS/IPS, network security, SIEM, SOAR, IAM, and cloud security. • Experience with security management in Microsoft 365. • Ability to scope initiatives, run workshops, and communicate recommendations at both technical and business levels. • Strong written and verbal communication skills, including preparing client facing reporting. • Ability to obtain an AGSVA security clearance. • A team player, motivated to safeguard the nation’s digital and critical infrastructure. • Ability to understand client objectives and align security to suit. • Experience leading multiple projects in parallel. • Relevant certifications. • Ability to translate cyber security concepts into clear, client friendly language. • Demonstrated knowledge of cloud infrastructure security (Azure and AWS). • Automation experience. • Experience in MSP, consulting, or multi tenanted environments.
