Shape cyber security outcomes across nationally significant systemsLong-term Federal Government contract - Up to 12 months + up to 24 monthsNo Payroll Fees | 2 Pay Runs Per Week | Easy Online TimesheetsLead Cyber Security Adviser (EL1 Equivalent) - Open to ACT, QLD, VIC and SA - NV1
Your new company
We are partnering with a large Federal Government agency that delivers critical national services through complex, enterprise‑scale digital platforms. The organisation operates within a highly regulated environment and is continuing to uplift its cyber security posture across systems, programs and services.This opportunity is offered on an initial 12‑month contract, with the potential for up to 2 x 12 month extensions. The role can be based in Brisbane, Canberra, Melbourne or Adelaide, with a hybrid working arrangement. Candidates must be able to obtain Negative Vetting Level 1 (NV1) security clearance. The successful contractor will be required to work onsite for the first 6 weeks, before transitioning to a hybrid model with a minimum of 3 days per week onsite.
Your new role
As a Lead Cyber Security Adviser, you will provide trusted, expert advice across system projects and programs, supporting the management of cyber security risk and system authorisation activities. This role goes beyond compliance. You will work closely with system owners, delivery teams and senior stakeholders to interpret and apply federal security frameworks in a pragmatic way, enabling systems to operate securely while still supporting delivery outcomes.
Your responsibilities will include:
Leading and contributing to system authorisation activities, including the development and review of Security Risk Assessments, System Security Plans, and Plans of Action and MilestonesSupporting business and system owners to achieve and maintain Authorities to Operate (ATO)Identifying, assessing and assisting with the implementation of security controls aligned to the PSPF, ISM and Cyber Security Policy GuidelinesAnalysing and documenting cyber security risks, recommending proportionate and practical treatmentsManaging and influencing relationships with a wide range of technical and non‑technical stakeholdersSupporting the development and uplift of cyber security policies, procedures, projects and strategiesContributing to continuous improvement initiatives to enhance the efficiency and effectiveness of cyber security servicesPromoting cyber security awareness and adherence to policy across the organisationWhat you'll need to succeed
You are a senior cyber security professional with strong judgement and advisory capability, comfortable operating in complex, multi‑stakeholder environments.
To be successful, you will demonstrate:
Extensive experience working with risk and information security frameworks, policies and standards, including the Protective Security Policy Framework (PSPF), Information Security Manual (ISM) and ISO 27001/27002Proven experience conducting security risk assessments and developing system authorisation artefacts to support systems achieving ATOExperience working within large, complex ICT environmentsStrong stakeholder management capability and the ability to clearly communicate security concepts to non‑technical audiencesKnowledge of current cyber threats, attack vectors and techniques, and how they translate into enterprise riskPrevious experience working within the Australian Federal GovernmentYou must be able to obtain Negative Vetting Level 1 (NV1) security clearance to be considered.What you'll get in return
Long‑term contract with extension possibilitiesWork on complex, nationally significant systemsLead‑level influence across cyber risk and authorisation activitiesWhat you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion on your career.
Desired Skills and Experience
\"CYBER ADVISOR\" OR CONSULTANT OR ADVISOR OR SRA OR SRM OR ATO OR PSPF OR \"SECURITY RISK ASSESMENT\" OR GRC OR \"GOVERNANCE RISK AND COMPLIANCE\" OR \"AUTHORITY TO OPERATE\" OR \"RISK ASSESSMENT\"