About this role
As a key Line2 cybersecurity governance expert, you'll shape and maintain the standards and frameworks that define "what good looks like" across our technology environment, with specialist focus on data and AI security, identity and cloud security. You'll guide capability maturity, influence cybersecurity strategy, monitor emerging tech risks, and ensure our governance frameworks are practical, current and adopted across the group. Sitting within nib's second line of defence, you'll define the rules – acting as a trusted adviser to ensure our security requirements align with industry best practice and regulatory expectations.
Key responsibilities
* Maintain clear, practical and up‐to‐date cybersecurity standards, frameworks & guidance, including linkages into the ISMS.
* Provide expert governance advice on data and AI security risks across platforms and programmes.
* Monitor and communicate emerging technology risks to guide capability‐maturity uplift and strategic planning.
* Help define meaningful cybersecurity and tech‐risk metrics that show control alignment and standards adherence.
* Document and elevate framework gaps, standards positions and risk findings through governance channels.
* Work with Line1 teams and security partners to build strong safeguards, uplift maturity and embed a positive risk culture.
About you
You bring a genuine love of technology and a curiosity that drives you to dig beneath the surface – understanding not just what the risks are, but how and why things work the way they do. That intellectual curiosity underpins a strong understanding of current and emerging technologies and the cybersecurity risks that come with them, along with hands‐on experience assessing risk and recommending fit‐for‐purpose security technologies and services.
Your background includes working closely with stakeholders to develop, define and mature security frameworks and standards, helping to drive a culture of security and IT risk awareness across large and distributed organisations. You understand that the best way to protect a system is to first understand how it can be broken, and that attacker's mindset informs the rigor you bring to every standard, framework and safeguard you develop. You have deep knowledge of cloud, identity, data and AI security governance and associated best‐practice standards, complemented by a solid grasp of core security concepts such as vulnerability scanning, intrusion detection, incident response, access control, MFA, device mobility, data protection, and network and application security.
You also bring working knowledge of PCIDSS requirements, along with a strong understanding of leading information security standards and frameworks such as ISO27001, ISO42001, ETSIEN304223, NISTCSF, the ASD Essential8 and the SANS Critical Security Controls – enabling you to align governance guidance with recognised best practice.
Qualifications & experience
* Certified or working toward information‐security industry certifications (e.g., ISC2, CRISC, SANS, GIAC, OCSP).
* Experience working with stakeholders to maintain or implement new risk processes in a collaborative enterprise setting.
* Working understanding and familiarity with current cyber‐security controls and concepts.
* Working understanding of data and AI risk and relevant, commensurate safeguards to manage AI risks.
* Working understanding of contemporary cloud technologies, including the shared‐responsibility model (desired).
Benefits
* New‐starter benefit to help set up a functional home workspace.
* 50% discount on employee health insurance + 35% off travel insurance.
* Paid leave for volunteering through nib Foundation.
* Access to the nib Well Programme and corporate fitness discounts.
* Access to employee share plans, short‐term incentive programme and life and salary continuance insurance benefits.
* 18weeks paid parental leave for all new parents regardless of carer status.
* 5days paid cultural leave for First Nations peoples.
* 4weeks paid gender‐affirmation leave for trans, gender‐diverse and intersex employees.
Diversity, equity and inclusion
We welcome candidates who reflect the diversity of the communities in which we operate and encourage Aboriginal and TorresStraitIslander peoples, people living with disability, veterans, LGBTQIA+ and culturally diverse community members to apply.
EEO statement
All your information will be kept confidential according to EEO guidelines. Successful applicants will be required to complete a background check (including criminal history and bankruptcy check) prior to commencement of employment.
#J-18808-Ljbffr