Job title: Lead IT Security Adviser
Job type: Contract
Emp type: Full-time
Pay interval: Hourly
Pay rate: negotiable
Job published: 10/04/2026

Job Description

Job Title: Lead IT Security Adviser

Security Clearance: Must be able to obtain Baseline

Duration: Initial 12 months with 2 x 12-month extensions

Industry: Information Technology

Location of work: ACT | Hybrid

Working arrangements: Flexible/hybrid options are available, subject to agreement with the Hiring Manager. Generally, an office presence is expected 2–3 days per week.

Closing date: 9AM Wednesday, 15 April 2026

Description:

Our client is seeking an experienced Lead IT Security Adviser to provide embedded cyber security advisory and assurance services. This role focuses on delivering continuous, independent security advice to support ongoing uplift, maturity, and continuous improvement across a complex, cloud-based and vendor-delivered ICT environment.

The position is advisory and assurance-focused, with no responsibility for operational cyber security execution. The successful candidate will work closely with internal teams and external providers to support secure design, informed decision-making, and effective assurance practices.

Responsibilities:

  • Provide continuous, independent cyber security advice across platforms, systems, and services
  • Support cyber security maturity uplift, including Essential Eight implementation and Zero Trust principles
  • Advise on cyber security risk management, including risk identification, assessment, treatment, and acceptance
  • Provide oversight and assurance of security controls implemented by internal teams and external providers
  • Review and interpret security assessments, audits, and third-party assurance artefacts
  • Support development and maintenance of cyber security policies, standards, and guidance
  • Provide advice on secure design, architecture, and control selection
  • Support incident preparedness and post-incident improvement activities
  • Contribute to cyber security awareness and capability uplift across the organisation

Requirements:

  • Comprehensive knowledge of Australian Government cyber security requirements, including ISM and PSPF
  • Strong experience in cyber security risk management frameworks such as NIST, ISO 31000 and ISO 27005
  • Understanding of ISO 27001-aligned ISMS concepts relating to control selection and assurance
  • Demonstrated experience providing senior IT security advisory services in cloud-based and outsourced ICT environments
  • Experience supporting cyber security maturity uplift, including Essential Eight
  • Experience providing assurance across vendor-delivered and managed services environments
  • Strong communication skills to engage with technical specialists, executives, and governance forums

Key Capabilities:

  • Ability to provide independent, high-quality cyber security advice and assurance
  • Strong stakeholder engagement and communication skills across technical and executive audiences
  • Capability to support risk-based decision-making and governance processes
  • Experience working within complex, cloud-based and outsourced ICT environments
  • Ability to contribute to continuous improvement and cyber security maturity uplift

Essential Criteria:

  • Comprehensive knowledge of Australian Government cyber security requirements, including the ISM and PSPF.
  • Strong experience in cyber security risk management, including but not limited to NIST, ISO 31000 and ISO 27005.
  • Understanding of ISO 27001-aligned ISMS concepts as they relate to control selection, assurance, and risk-based decision-making (not certification ownership).
  • Demonstrated experience providing senior IT security advisory services in cloud-based and outsourced ICT environments.
  • Experience supporting cyber security maturity uplift, including Essential Eight implementation and sustainment.
  • Experience providing assurance and advisory services across vendor-delivered and managed security services, with strong communication skills to engage effectively with technical specialists, senior executives, and governance committees.

How to apply:

Please submit your application including your resume and a completed application form addressing the essential and desirable criteria. Ensure your application highlights your experience and any relevant certifications.