Join one of Australia’s largest purpose-driven organisations and use your cybersecurity expertise to make a real impact.

At Endeavour Foundation, we’re more than just an employer, we’re a community dedicated to creating inclusive workplaces and empowering people with disability. We live and breathe our purpose every day, offering flexible working, great perks, and genuine work/life balance. Our mission is simple: make possibility a reality.

About the Role – Cybersecurity Compliance Specialist

Are you ready to take the lead in safeguarding systems, data, and people? We’re seeking a Cybersecurity Compliance Specialist to maintain and strengthen our Information Security Management System (ISMS) and ensure ongoing compliance with key frameworks including ISO27001:2022, ISM, and the Essential 8.

This is an involved role where you’ll work closely with internal teams, senior executives, external vendors, and auditors to protect our security posture, prepare for accreditation, and drive continuous improvement in risk and security governance.

What You’ll Be Doing

- Maintain and review the ISMS manual and plan, ensuring compliance with ISO27001:2022, ISM, and Essential 8.
- Coordinate ISMS activities, ensuring readiness for annual audits, certifications, and DEWR Right Fit for Risk requirements.
- Conduct security risk assessments and recommend mitigation strategies.
- Monitor and review ISM controls including those released every quarter, implementing improvements to maintain required maturity levels.
- Partner with ICT and business teams to embed ISMS requirements into security projects. This will involve interpreting technical controls and processes into plain English for non-ICT stakeholders.
- Produce high-quality reports, governance artefacts, and audit documentation.
- Collaborate with external auditors and vendors, ensuring clear communication and successful audit outcomes.
- Provide guidance and coaching to stakeholders on ISMS processes and security compliance.
What You Need to Succeed

- Tertiary qualification in Information Technology, Information Security, or a related field.
- Strong working knowledge of ISO27001:2022, ISM, and Essential 8 frameworks.
- Preferably certified in GRCP, CRISC, CISA, CISM, or CISSP.
- Minimum 3 years’ experience advising on information security risks and controls.
- Proven stakeholder management experience, including engagement with senior executives.
- Ability to produce high-quality written documentation and reports.
- Experience with GRC tools (6clicks or similar preferred).

Why Join Us?

- Salary packaging – up to $15,900 of your annual salary tax free, plus $2,650 for meals & entertainment.
- Novated leasing – save on car purchase and running costs.
- Corporate discounts on private health insurance, Kia vehicles, and Harvey Norman products.
- Discounted gym memberships via Fitness Passport.
- Supportive onboarding and ongoing learning opportunities.
- 6 weeks paid parental leave for primary carers.
- Free coaching and counselling through our Employee Assistance Program.
- Reward & Recognition Program to celebrate your achievements.

If you’re passionate about cybersecurity compliance and want to contribute to an organisation with real purpose, we’d love to hear from you. Click "Apply" now and join TeamPossible.

We welcome applications from people of all ages, backgrounds, abilities, and cultures, including Aboriginal and Torres Strait Islander peoples, CALD communities, LGBTQI individuals, and people with disability.