Fast-growing APAC data centre developer and operator, and provider of highly secure wholesale data centre facilities with a corporate and government client base.
The Role:
As the IT Security, Governance & Risk Manager, you'll lead and oversee the cybersecurity strategy and security governance framework across all APAC operating regions, while ensuring the organisation meets regulatory, compliance, and risk‐management obligations.
* Provide strategic security leadership to management and the Board.
* Establish, maintain, and continuously improve enterprise‐wide security governance, policies, and controls.
* Own and manage security risk, incident response, and assurance activities across the business.
* Lead the design, execution, and continuous improvement of cybersecurity strategy across APAC.
* Provide strategic security advice to executive leadership and the Board, including regular reporting on cybersecurity posture, risks, and remediation progress.
* Own and maintain the organisation's security governance framework (information, personnel, physical, supply‐chain security).
* Lead compliance with ISO27001, NIST CSF 2.0, ASD Essential 8, PCI‐DSS, DISP/DSPF, and regional privacy requirements.
* Act as DISP lead, maintaining the DSAP profile, coordinating DISP assessments, and managing remediation activities.
* Own the enterprise risk management (ERM) framework and security risk register.
* Conduct risk assessments for projects, suppliers, contracts, and new facilities.
* Work with IT and partners to uplift cyber maturity across identity, network, cloud, and endpoint environments.
* Support cyber‐remediation plans, cyber‐uplift programs, and secure‐by‐design project reviews.
* Maintain information‐classification practices, access controls, and secure‐data handling.
* Establish and maintain incident response and disaster‐recovery protocols; lead incident investigations and improvement cycles.
* Oversee personnel security, access entitlements, background checks, and clearance processes.
* Guide physical security integration into facility planning, operations, and design.
* Deliver training, awareness, and security culture programs for employees and contractors.
* Engage with auditors, regulators, legal advisors, and government bodies as required.
YOU:
* Education: Bachelor's degree.
* Certifications: Relevant certifications such as CISSP, CISM, or CISA are highly desirable.
* Experience with DSPF and PSPF frameworks.
* Minimum of 5 years of experience in cybersecurity leadership roles.
* Proven experience implementing ISO27001, NIST CSF 2.0, and Essential 8 maturity uplift.
* Must be an Australian Citizen and hold NV1 or be able to obtain NV1 clearance.
* Experience with ISO standards (9001, 27001, 45001, 22301, 50001), K‐ISMS, PCI‐DSS, and NIST CSF.
* Strong documentation and reporting skills with ability to maintain audit‐ready evidence.
* Prior background in IT systems, networks, or infrastructure before transitioning into security and compliance.
* Experience working with external auditors and government regulators.
Don't miss out on the Cyber / Datacenter role in Sydney!
Additional information
* Fast-growing APAC-wide Datacenter Co.
* Strategic role - Cyber Governance and Risk
* ISO27001, NIST CSF 2.0, ASD Essential 8, PCI‐DSS, DISP/DSPF