Information Security Manager (Cybersecurity)

TL;DR

Information Security Manager (GRC): Managing security governance, risk, and compliance for a major Australian Federal Government account with an accent on PSPF, ISM, and Essential Eight frameworks. Focus on developing accreditation artefacts, managing cybersecurity risk registers, and conducting IRAP assessments.

Location: Canberra, ACT. Australian Citizenship and an active Baseline (minimum) or NV1 clearance are essential

Company

A major Australian telecommunications company providing critical connectivity and security services.

What you will do

• Lead security governance, risk, compliance, and assurance activities in alignment with PSPF and ISM.
• Manage the identification, assessment, and treatment of cybersecurity risks and maintain risk registers.
• Develop accreditation artefacts including System Security Plans (SSPs) and Security Risk Assessments (SRAs).
• Manage security audits, IRAP assessments, and compliance remediation activities.
• Act as a trusted security adviser and represent the account in governance forums with customer security authorities.

Requirements

• Bachelor’s degree in Cybersecurity, IT, Risk Management, or a related field.
• 5+ years of experience in information security, with at least 3+ years in GRC or assurance leadership.
• Demonstrated experience in risk assessment and system accreditation within a federal environment.
• Australian Citizenship and an active Baseline (minimum) or NV1 clearance.
• Outstanding written and verbal communication skills for executive-level reporting.

Culture & Benefits

• Hybrid work arrangement: 3 days in the office, 2 days remote.
• Competitive remuneration and significant discounts on hirify.global products and retail partners.
• Inclusive paid parental leave of up to 16 weeks.
• Professional development through hirify.global U micro-credentials from La Trobe and Macquarie Universities.
• 24/7 access to free counselling and wellbeing support services.