* 12-month contract + extensions
* Canberra based – hybrid working arrangement available
* NV1 clearance required
* Key skills: Authorisation to Operate (ATO) lifecycle management, risk assessments, and hands-on experience with Australian Government security frameworks.
This is a senior level opportunity to play a pivotal role in protecting critical information systems within one of Australia's most important government agencies, an organisation dedicated to the wellbeing of the nation's veterans and their families.
You'll lead the end-to-end process of assessing and validating system security, ensuring digital infrastructure meets the highest standards of compliance and resilience. If you thrive on translating complex security risk into practical solutions and working across both technical and executive stakeholder groups, this role will give you the scope and impact to match your expertise.
Your duties will include:
* Leading the system security authorisation process in line with the Information Security Manual (ISM) and Protective Security Policy Framework (PSPF)
* Developing and maintaining essential security documentation, including Standard Operating Procedures (SOPs) and risk treatment artefacts
* Conducting thorough risk assessments to identify, evaluate, and recommend mitigations across project and operational environments
* Collaborating with Authorisation Officers, system owners, project managers, and technical teams to drive system accreditation outcomes
* Monitoring and maintaining the security posture of systems post-accreditation through regular audits and change reviews
* Establishing and managing processes for reporting and responding to security incidents that may impact a system's ATO status
* Supporting compliance activities across frameworks including the ACSC ISM, Essential Eight, ISO/IEC 27001, and NIST Cybersecurity Framework
Skills and Experience we are looking for:
* Demonstrated experience in information security, cyber risk, or governance, risk and compliance (GRC) – preferably within complex ICT environments involving multiple service providers
* Demonstrated experience managing the Authorisation to Operate (ATO) lifecycle and producing high-quality security documentation
* Strong working knowledge of Australian Government security standards, including the ISM and PSPF
* Proven ability to communicate technical security risks and controls clearly to non-technical audiences and senior stakeholders
* Experience with cloud security environments (desirable)
* Relevant security certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer/Auditor (desirable)
* A Bachelor's degree or equivalent qualification in Cyber Security or a related field (desirable)
Application Process: If you would like to apply, please contact Sanat on email **************@
For over 30 years Talent has been redefining the contracting experience with industry leading support, exclusive contractor benefits & a world-class digital platform ENGAGE to access it all. Apply today to see how we can elevate your career