About EastLink:
ConnectEast is the owner and operator of EastLink, Melbourne's largest tollway network. EastLink is one of Melbourne's busiest and safest motorways.
About the role:
We are seeking an experienced IT Security Specialist to join our dynamic and growing Information Technology team at EastLink. This role requires a background in both Information Technology (IT) and Operational Technology (OT) environments, with a particular emphasis on security compliance, controls, standards, and risk management.
In this role, you will (but not limited to)
As an IT Security Specialist, you will play a critical role in safeguarding EastLink's technology. Your primary responsibilities will include conducting security reviews, providing expert advice, and performing risk assessments to ensure robust protection across both IT systems and operational technology platforms. This position is integral to maintaining compliance with industry standards, mitigating security risks, and supporting the resilience of our infrastructure.
Cyber Security
* Provide technical advice on security controls, conduct risk assessments, and analyse business impacts of emerging threats.
* Maintain compliance with security standards, perform internal audits, and assist with external audit preparation and evidence collection.
* Drive cybersecurity improvements by identifying risks, staying current with technologies and threats, and researching emerging security trends.
* Support vulnerability assessments, penetration testing, user security testing, and troubleshoot security issues with root cause analysis.
* Develop security standards and procedures, define project security requirements, and evaluate/recommend security products and solutions.
Security Awareness & Training
* Drive security awareness with regular tips and updates.
* Create and deliver engaging training sessions and training resources.
* Support hands-on exercises like crisis simulations, red teaming, and phishing tests.
Risk Management
* Alert the Governance & Security Manager or General Manager IT to the presence of risks within the context of the IT systems and applications.
* In conjunction with the other staff, minimise the risk of incurring financial KPI penalties through the early identification of issues and the implementation of corrective actions to mitigate risks of non-compliance.
Qualifications
* Bachelor's degree in information technology (IT), software engineering, cyber security or related discipline
Experience
* 3 years' work experience working in IT security industry
* Experience leading solutions for SIEM, Firewalls, IPS/IDS, Endpoint / Web / E-mail security, Threat Intelligence and Vulnerability Management products.
* Demonstrated knowledge of security standards, and frameworks, such as, NIST CSF, CIS, IEC-62443, PCI-DSS and Essential Eight
* Demonstrated ability to identify and analyse security threats in both Information Technology and Operational Technology environments.
* Proficient in vulnerability management, assessment and remediation planning
* Experience contributing to security architecture reviews and design decisions.
* Familiarity with different operating systems (Linux, Windows) and enterprise applications (web servers, databases, proxies).
What we can offer you:
* A nurturing environment allowing employees to grow and develop within an inclusive environment.
* Free counselling services through the Employee Assistance Program.
* Micro market, including free espresso coffee and fruit.
* Access to ConnectEast's Wellbeing program, including morning teas, onsite massages, and fitness program.
Ready to apply?
In your application, please highlight relevant qualifications and experience you can bring to this role.
Appointment to this position is subject to a National Police Clearance and your eligibility to work in Australia.
If this role sounds of interest to you, please refer to the Employee Information Kit at for more information.
To be considered for this role applications must include a cover letter and current resume submitted prior to Close of Business on Friday 27th February 2026.
No Agencies - ConnectEast does not accept unsolicited agency referrals.