Job Description
Job Title: Lead Risk and Compliance Cyber Governance
Security Clearance: Must be able to obtain Baseline
Duration: Initial 12 months with 2 x 12-month extensions
Industry: Information Technology
Functional Expertise: Cyber Security Compliance
Sub-functional Expertise: Governance, Risk and Compliance (GRC)
Location of work: ACT
Working arrangements: Hybrid
Closing date: 9AM Thursday, 11 December 2025
Description:
Our client is seeking a Cyber Security Compliance Specialist to support the assessment and accreditation of new and upgraded systems. The successful candidate will be responsible for ensuring systems meet required cyber security standards in line with internal processes and relevant frameworks including the Information Security Manual (ISM), Protective Security Policy Framework (PSPF), and Information Security Registered Assessors Program (IRAP). The role involves close collaboration with technical and non-technical stakeholders to provide advice and deliver supporting security documentation.
Responsibilities:
- Lead the production of security accreditation documentation including SOA, SRMP, SSP, and Certification Reports
- Manage Authority to Operate Framework (AtOF) assessments, ensuring timely completion while managing multiple concurrent assessments
- Communicate security concepts and controls to both technical and non-technical audiences
- Provide informed security advice to stakeholders and senior executives
- Act on direction from the Cyber Security Manager and IT Security Advisor within the Cyber team
- Resolve compliance issues and address vulnerabilities by coordinating with internal teams
- Facilitate discussions to reach consensus on security decisions
- Complete security assessments using the organisation’s IT service management risk system
Requirements:
- Minimum 5 years of experience in cyber security compliance within Government
- Demonstrated experience developing and managing risk assessments per ISM compliance
- In-depth understanding of ISM, PSPF, and IRAP frameworks
- Strong communication and stakeholder engagement skills
- Ability to manage and prioritise multiple tasks simultaneously
- Experience working in Microsoft technology environments
Key Capabilities:
- Expertise in cyber governance, risk and compliance
- Proficient in developing accreditation documentation
- Strong stakeholder consultation and negotiation skills
- Experience in ICT security within large, complex environments
- Familiarity with security frameworks and Government policies
Essential Criteria:
- 5 years’ experience as a cyber security compliance specialist and demonstrated experience in relation to the detailed skill set (outlined above).
- Experience working in large complex ICT environments with a focus on Microsoft technologies, and the ability to consult with a range of both technical and non-technical personnel.
- Extensive knowledge of Australian Government Policies and frameworks relating to Government Services.
- Ability to handle multiple assessments at any given point and excellent attention to detail.
Desirable Criteria:
- Five years’ prior experience in writing and managing risk assessments per ISM compliance in Government.
How to apply:
Please submit your application including your resume and a completed application form addressing the essential and desirable criteria. Ensure your application highlights your experience and any relevant certifications.