The Manager, Cyber Security reports to the Chief Information Officer (CIO) within the Information Services Department (ISD). The Department spans information management and ICT services, providing reliable and secure technology environments across on-premises and cloud platforms, infrastructure, and end-user devices. The team supports all National Gallery staff wherever they work, ensuring connectivity, mobility, and security across digital platforms.
As a small, team-oriented team, ISD members contribute across multiple capabilities, offering exposure to IT service management, infrastructure, end-user computing, cyber security, capital projects, and strategic ICT planning. The team plays a key role in delivering Gallery-wide initiatives from concept to implementation.
The Cyber Security Manager plays a critical role in safeguarding the National Gallery’s digital environment, assets, and information. The position leads the Gallery’s cyber security strategy, procurements, projects, and operations to ensure compliance with Australian Government and ACSC guidance, uplift Essential Eight maturity, and build organisational cyber resilience.
As part of a hands-on information management and technology team, the role combines strategic leadership, technical expertise, education, procurement, project delivery, and governance reporting. It works across the organisation to strengthen security culture, implement effective controls and monitoring, and advise the CIO, Executive, Audit & Risk Committee, and Council on cyber risks, incidents, and performance.
The Cyber Security Manager is responsible for implementing the Cyber Security Strategy and Roadmap and fulfilling the day-to-day ICT security responsibilities expected of an Information Technology Security Advisor (ITSA). Working closely with the CIO, infrastructure and operations teams, managed service providers, and vendors, the role oversees monitoring, event analysis, remediation, and proactive technical actions to maintain a secure, resilient, and compliant ICT environment, protecting users, data, and the National Gallery’s digital assets that support Australia’s national collection and public mission.
The key duties of the position include:
In accordance with the APS Executive level 1 work level standards, you will have the following key
responsibilities:
- Develop, implement and maintain the Gallery’s Cyber Security Strategy, policies, procedures and plans, aligned to the Australian Cyber Security Centre’s (ACSC) Essential Eight, Protective Security Policy Framework (PSPF), and Information Security Manual (ISM).
- Provide expert advice to the CIO, Executive, and Council on cyber security posture, risks, incidents, and emerging threats in the role of Information Technology Security Advisor (ITSA).
- Lead the delivery of activities on the National Gallery’s Cyber Security Strategy and Roadmap to uplift the organisations cyber security maturity. This includes leading the Essential Eight maturity uplift program, developing roadmaps, tracking progress, and embedding controls in daily operations and project delivery.
- Oversee day-to-day security operations including threat detection, vulnerability management, and incident response.
- Support colleagues as an active member of the IT team, troubleshooting, configuring controls, monitoring logs, and maintaining secure network, endpoint and cloud environments. Lead the implementation and maintenance and/or oversight of centralised logging, endpoint protection, patching, identity management, and support backup systems to ensure resilient operations.
- Ensure effective cyber security risk management plans and policies for information systems are in place, monitored and updated regularly
- Deliver fit for purpose cyber security education and awareness activities for staff and promote a culture of cyber safety across the National Gallery.
- Undertake procurements and manage service contracts for delivery of cyber security services and projects and evaluate and report on the provision of these services.
- Prepare clear and concise reports and briefings for the IT Governance Committee, Audit & Risk Committee, and Council on cyber maturity, incidents, and mitigation progress.
Eligibility
Citizenship – To be eligible for employment with the Gallery, you must be an Australian citizen.
Police Check – to be eligible for this role you must complete a police check.
Security Assessment: The successful applicant will be required to obtain and maintain a Negative Vetting Level 1 security clearance. Ongoing employment in this role requires the successful candidates to maintain a high-level security clearance. Loss of a security clearance at any time will lead to termination of employment.
ADDITIONAL INFORMATION - Qualifications, Certifications and Registrations
Role specific mandatory qualifications /certification and/or registrations include:
- Relevant qualifications in IT, ICT or other relevant fields is highly desirable
Notes
HOW TO APPLY
To apply for this role please go to the National Gallery's Careers portal.
You should provide a tailored CV (maximum of three pages) along with a statement of no more than two pages that outlines your skills, capabilities and experience, against the information above.
In your statement response you should keep in mind the capabilities and behaviours required to be successful for this role, as identified in the information above. Try not to duplicate information that can be found in your CV but do highlight any specific examples or achievements that demonstrate your ability to perform the role.
An order of merit or merit pool, may be established from this selection process and may be used to fill future identical vacancies over the next 18 months. Selection may be based on application and referee reports only. If you do not wish to be added to an order of merit, please notify us in your application.
Getting to know the National Gallery of Australia
The National Gallery is one of Australia’s leading visual arts institutions. The National Gallery is based in Canberra and is a vital part of the Australian cultural landscape. Our Purpose is to collect, preserve, promote and share the national collection of art. The Vision of the National Gallery is to be the international reference point for art in Australia, inspiring all people to explore, experience and learn. Our Values include Boldness, Integrity, Respect, and Excellence.