Cybersecurity Governance & Assurance Manager
* 14 Apr 2026
* Sydney
* Contract
We're looking for an experienced cybersecurity professional to take ownership of governance, risk, and compliance activities across a large and complex organisation. You'll work closely with the CISO to shape and protect our cyber posture — and you'll have the confidence to operate with real autonomy from day one.
About the role
Reporting directly to the CISO, you will:
* Provide governance input into cybersecurity initiatives, projects, and operational activities
* Lead preparation of papers, briefings, and executive-level updates for the CISO
* Drive follow‐up actions from the recent NIST Cybersecurity Framework Assessment
* Own and resolve the ServiceNow Cyber governance queue
* Maintain and update enterprise and ICT cybersecurity risk registers
* Review and update cybersecurity policies, risk statements, controls, and treatment plans
* Prepare reporting for the Audit and Risk Committee
* Manage the vulnerability management process and associated reporting
* Update existing Information Security Directives and draft new ones as required
* Provide broad advice and support across daily CISO Office operations
What you'll bring
* Deep knowledge of NIST CSF — with familiarity across other major frameworks
* 4–6 years of hands‐on experience — in cybersecurity governance, risk, assurance, and compliance
* Higher education or public sector experience — (mandatory — this is a complex stakeholder environment)
* Proven ability to operate independently — as a self‐starter with minimal guidance
* Strong working knowledge of IS policy frameworks — able to adapt good practice to our directives
* Experience with audits, strategy, policy, and assurance programs — including governance reporting
* Executive‐level written and verbal communication skills — you'll be producing board‐ready outputs
* Working knowledge of Jira, ServiceNow, and Protecht — (or similar GRC platforms)
Level 6, 50 Margaret Street, Sydney NSW 2000
#J-18808-Ljbffr