Description

Key Responsibilities

• Lead the development and implementation of cybersecurity strategy, policies, and frameworks

• Oversee cybersecurity operations including threat intelligence, vulnerability management, and incident response

• Ensure compliance with standards such as ACSC Essential 8, VPDSS, and NIST frameworks

• Conduct security risk assessments across applications, infrastructure, and ERP platforms (including TechnologyOne)

• Manage and optimise security tools including SIEM, IDS/IPS, and endpoint protection

• Lead incident response, investigation, and recovery activities

• Provide expert advice on security architecture, configuration, and improvements

• Manage external vendors and security service providers

• Support audit processes and remediate security findings

• Promote cybersecurity awareness and best practices across the organisation

Technical Capabilities & Experience

• Proven experience in a Senior Cybersecurity role within complex environments

• Mandatory experience working within Local Government / Council environments

• Mandatory experience securing ERP systems, with exposure to TechnologyOne highly preferred

• Strong knowledge of cybersecurity frameworks (ACSC Essential 8, NIST CSF, VPDSS, ISO27001)

• Experience managing security operations including threat detection, incident response, and vulnerability management

• Hands-on experience with security tools such as SIEM, IDS/IPS, firewalls, and endpoint protection

• Strong experience with Microsoft security stack including Microsoft Defender and Azure Sentinel

• Solid understanding of cloud security (especially Azure) and SaaS/application security

• Experience developing and implementing security policies, standards, and procedures

• Strong stakeholder engagement and ability to influence across business and technical teams

• Experience managing vendors and external security providers

Qualifications & Clearance

• Tertiary qualification in Cybersecurity, IT, Computer Science, or related field

• Minimum 5+ years’ experience in cybersecurity roles

• Industry certifications such as CISSP, CISM, CEH, GIAC, OSCP highly desirable

• Microsoft security certifications (SC-200/300/400/900) highly desirable

Key Skills

Education

Any Graduate