OUR VALUE PROPOSITION

At RSM, our purpose is to instill confidence in a world of change for both our clients and our people. RSM Australia supports a people-centric and collaborative culture where we are committed to empowering and developing you. As a leading professional services firm, we connect you to an extensive network of global resources and invest in your future. We value the meaningful work that you do and encourage you to be a part of the change. Our value proposition is our commitment to you; it highlights the experiences, benefits, and value that you can expect as part of RSM. This is underpinned by our three values – integrity in everything that we do, supporting clients everywhere, and developing and valuing everyone.

Who we are:

RSM Australia is a member of RSM, the world’s 6th largest network of audit, tax and consulting firms. We are an award-winning professional services firm with over 100 years’ experience supporting Australian businesses. We believe in putting people first and we are proud to have developed a work culture that fosters growth, collaboration and success.

About the role:

Cyber Security Lead

Location: Melbourne (preferred) but would also consider Sydney, Perth or Brisbane

Lead and mature RSM’s security engineering and operations capability. This is a pivotal role driving secure‑by‑default delivery, standardising CI/CD security controls and automation, and owning incident leadership and SOC performance.

Your mission: reduce risk, cut dwell and containment time, and convert telemetry into board‑ready metrics and threat‑level reporting.

You’ll collaborate widely across Technology and business teams to embed guardrails, strengthen control adoption, and ensure operational insights drive continuous improvement in security engineering and operations.
As a hands‑on leader across Delivery (Engineering) and Run (Operations), you will:

- Embed guardrails into pipelines and platforms (DevSecOps, CI/CD security controls, vulnerability SLAs, hardening baselines, secrets/IAM operational controls) and enforce them through automation.
- Mature detection & response (SIEM/SOAR strategy, tuning backlog, use‑case design, playbooks, MIM leadership, forensic readiness) and manage MSSP/SOC performance to achieve measurable signal‑to‑noise reduction.
- Publish executive dashboards and threat posture levels to support risk‑based decisions and investment prioritisation.
- Operate auditable processes that improve continuity, audit readiness, client responsiveness, and board visibility.

Key Responsibilities

Engineering:

- Define and integrate CI/CD security baselines (SAST/DAST, SBOM, attestation, release gates).
- Drive automation for control deployment and drift remediation.
- Own vulnerability management with SLA governance and executive reporting.
- Establish hardening baselines for endpoints, network, and cloud landing zones.

Operations:

- Lead SIEM/SOAR strategy, tuning, and measurable detection improvement.
- Act as Major Incident Manager (MIM) during critical events.
- Oversee SOC vendor performance, escalation paths, and backlog prioritisation.
- Maintain forensic readiness and threat intelligence visibility.

Governance & Reporting:

- Deliver board‑level dashboards and threat posture reporting.
- Collaborate with Architecture, GRC, and Privacy teams for audit readiness and evidence packs.
- Recommend tooling optimisation and rationalisation opportunities.

About you:

What We’re Looking For

Essential:

- Relevant tertiary qualification or equivalent experience.
- Proven leadership in security engineering and operations.
- Hands‑on experience with CI/CD security controls, vulnerability management, SIEM/SOAR tuning, and incident leadership.
- Strong analytical and communication skills; ability to convert telemetry into executive dashboards.
Desirable:

- Certifications such as CISSP, GIAC, AWS/Azure Security, Microsoft Defender XDR/Sentinel.
- Experience maturing combined SecEng/SecOps functions in complex environments.
- Familiarity with frameworks like ACSC Essential Eight, ISO 27001, NIST CSF.
- Consulting or advisory experience in security transformation programs.

Ready to make an impact? Help us uplift our security maturity and build security the right way.

Life at RSM:

RSM provides a great environment to build skills and confidence and we help our people achieve their best. We are trusted advisors to our clients, so it is critical for us to find the right people for the job on offer. Our network of offices across Australia and around the world allows us to offer a personal service to all our clients regardless of where they are! Working for RSM entitles everyone to a wide range of leading health, wellness, financial and lifestyle benefits.

How to apply:

Please click on the “apply” button and complete our online application form.

Agencies, thank you for thinking of us, but our recruitment is managed internally, and we will reach out to our preferred suppliers if we need assistance.