Chief Information Security Officer (CISO)
The Australian Radiation Protection and Nuclear Safety Agency (ARPANSA) is the Australian Government's primary authority on radiation protection and nuclear safety. Our purpose is to protect the Australian people and the environment from the harmful effects of radiation, through understanding risks, best practice regulation, research, policy, services, partnerships and engaging with the community.
Section overview
The Digital Technology section (DTS) is a high-profile section within the Office for Business Support and is responsible for driving the development and delivery of a range of strategic and operational Digital Technology functions. Working in partnership with ARPANSA’s Executive, branches and offices, DTS provides services and advice on the agency’s use of technology, applications, information and data, including oversight of cybersecurity and information governance.
The Cyber Security team is responsible for the development, implementation, and oversight of ARPANSA’s cyber security program. This includes ensuring compliance with relevant legislation, standards, and policies, and managing cyber security risks across information and operational technology environments.
What we offer
Working at ARPANSA represents a dynamic and exciting opportunity to grow your career and access capability-building professional opportunities. At ARPANSA, our workforce priorities are building sustainable capability to enable achievement of ARPANSA’s mission, leading as an employer of choice in all the fields we provide opportunities, and strategically aligning our work to deliver meaningful outcomes for the Australian Community. A role at ARPANSA involves:
* Values and behaviours that underpin a culture characterised by commitment, respect, delivery, inclusion and collegiality.
* Opportunities to engage with national and international stakeholders, in a context that values leading practice science.
* The opportunity to pursue your interests while contributing to the Australian community.
* A commitment to providing an inclusive and diverse workplace where all employees are valued. We appreciate the experiences, skills and perspectives of all individuals and harness a collaborative environment. We actively encourage applications from people with diverse backgrounds.
* Great working conditions including competitive salaries with 15.4% superannuation, generous leave conditions, flexible work practices, modern amenities, and free parking at both our Yallambie and Miranda sites.
Primary purpose of the role
Accountable to the Chief Executive Officer and reporting to the Director Digital Technology, Chief Information Officer (CIO), the position supports the Chief Security Officer (CSO), and the Security and Insider Risk Section by providing cyber security leadership, incorporating information technology and operational technology. The position ensures alignment with business objectives, regulatory requirements, and security and risk management frameworks. It is imperative that the incumbent understands and communicates the impact of cybersecurity on critical business areas to senior leadership effectively.
The primary objective of this role is to secure ARPANSA's compliance with the Technology Domain of the Protective Security Policy Framework (PSPF) and to implement the Australian Signals Directorate’s Information Security Manual (ISM) and Strategies to Mitigate Cyber Security Incidents. This includes responsibility for the entity’s cyber security strategy and uplift plan. These frameworks provide the mandatory requirements for protective security, including cyber security, and provide thorough guidelines to protect information and technology assets. This role is vital for preserving the integrity and security of ARPANSA's information systems, ensuring adherence to national standards and best practices.
Key accountabilities
* Provides cybersecurity leadership and guidance across ARPANSA, ensuring compliance with standards, regulations, and legislation to protect digital assets and information.
* Develops and implements the agency’s cybersecurity strategy, framework, and roadmap. Manages the cybersecurity team and budget, overseeing risk management activities and maintaining the security risk profile.
* Ensures consistent application of policies and standards across all technology projects and systems, collaborating with privacy officers and security teams to align cybersecurity measures with privacy requirements.
* Manages cybersecurity incidents and responses, including engagement with the Australian Cybersecurity Centre (ACSC), mandatory reporting, business continuity, and disaster recovery planning.
* Coordinates cybersecurity awareness training programs for employees, contractors, and system users. Monitors the external threat environment and advises stakeholders on emerging threats.
* Supports the development of asset inventories, including cloud services and third-party information assets.
* Works closely with the Chief Security Officer (CSO) and the Security and Insider Risk Section to ensure clear and consistent messaging, providing cybersecurity expertise and fostering a unified vision for developing robust security behaviours and culture.
Our ideal candidate - job specific capabilities
The ideal candidate for this role should possess demonstrated technical skills and experience in leading enterprise-wide cyber security programs and a strong understanding of Australian Government cyber security frameworks, risk management, and regulatory compliance. They should have proven ability to translate technical risks into business and operational impacts and experience in incident response, crisis management, and stakeholder engagement. Additionally, excellent communication and leadership skills are required, with the ability to influence at executive and board levels. The candidate should also have experience managing cyber security budgets and workforce planning, as well as knowledge of operational technology environments and their unique security challenges.
You must hold Australian citizenship and be prepared to travel interstate from time to time as required. This position requires the ability to obtain and maintain a minimum NV2 security clearance, however, NV1 is permitted on commencement.
Demonstrated experience and success in leadership roles in risk management, cybersecurity, and IT or OT security. Degree in business administration or a technology-related field, or equivalent work- or education-related experience. Desired, but not required:
* Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials
* Experience successfully executing programs that meet the objectives of excellence in a dynamic business environment
* Experience with contract and vendor negotiations
Selection criteria
The selection criteria for this role are:
* Demonstrated skills and experience in leading cybersecurity programs in a government or regulated environment.
* Proven ability to manage complex cyber security incidents and communicate effectively with stakeholders.
* Deep understanding of the Protective Security Policy Framework, the Information Security Manual and the Essential Eight or equivalent international standards.
* Excellent communication skills, interpersonal and collaborative skills, and the ability to communicate cybersecurity and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists.
* Ability to lead and motivate the cybersecurity team to achieve tactical and strategic goals
Employment with ARPANSA is subject to:
* conditions prescribed within the Public Service Act 1999.
* Australian Government Security Vetting Agency (AGSVA) granting a security clearance at the required level.
* evidence of citizenship status required.
* evidence of qualifications required of the role.
* evidence of a completed national police-check with no risks identified by ARPANSA.
* the CEO of ARPANSA, or their Delegate, approving a Notice of Engagement.
Your application will consist of a resume, an ARPANSA cover letter to be completed via the portal, contact details for two referees and a ‘1000-word pitch’ that considers:
* Key accountabilities
* Job specific capabilities
* Selection criteria.
ARPANSA recognises the need for our workforce to reflect the community we serve and provide an inclusive environment that respects and values diversity. We strongly encourage qualified applicants from diverse backgrounds to apply.
RecruitAbility applies to this vacancy. Under the RecruitAbility scheme applicants who choose to apply under the scheme will be invited to participate in further assessment activity for the vacancy, where they meet the minimum requirements for the position. ARPANSA will provide reasonable adjustments or flexibilities in the recruitment process as requested. For more information visit: https://www.apsc.gov.au/recruitability.
Merit pool
The selection process will establish a merit pool that may be used to fill similar positions within 18 months of advertising.
To find out more about the employment conditions at ARPANSA, please refer to our Enterprise Agreement. Thank you for your interest.
ARPANSA