EL1 Assistant Director Cyber Governance, Risk and Compliance

About the Role

The Assistant Director, Cyber Governance, Risk and Compliance will be responsible for leading the development and implementation of cyber security policies, standards, and risk assessments, while providing expert advice to senior leadership. The role oversees a small team to ensure ICT systems are compliant with Australian Government requirements and cyber risks are effectively managed. Working closely with key stakeholders, the position drives strong security documentation, audit and reporting frameworks, and provides specialist guidance to technical teams, supporting secure system development as well as change and incident management.

Accountabilities

  • Ensure a strategic and integrated approach to cyber-security risk management, with a focus on information management, staff development and risk-based decision making.
  • Determine security requirements by:
    • evaluating business strategies and requirements;
    • researching global information security standards and emerging technologies;
    • conducting system security reviews, vulnerability analyses and risk assessments;
    • developing and complying with architecture/platform standards;
    • identifying integration issues; and
    • preparing cost estimates for relevant cyber security work.
  • Document and analyse risks using the Information Security Manual (ISM) control framework and provide certification documentation (SOA, SSP, SRMP) for accreditation by the Head of Cyber Security or Chief Information Officer (CIO).
  • Ensure the development and implementation of plans, policies, work instructions and standard operating procedures that enhance the level of security compliance within AFSA.
  • Maintain security by:
    • monitoring and ensuring compliance with standards, policies, and procedures;
    • supporting incident response and analyses; and
    • providing advice and ongoing education to staff on managing ICT risks and threats.
  • Lead and build a team by:
    • establishing clear work expectations, systems and processes;
    • encouraging and supporting ongoing learning and development opportunities;
    • providing regular feedback; and
    • identifying opportunities to enhance team performance in an environment of collaboration, continuous improvement and change.
  • Enhance security team competence and undertakings by:
    • mentoring team members and answering technical and procedural questions for less experienced team members; and
    • developing, promoting and coaching staff on improved processes.
  • Prepare system security reports by collecting, analysing, and summarising data and trends.
  • Engage and manage contractors and consultants, as required, to contribute to delivery of secure services and projects.
  • Lead initiatives as a senior member of the Cyber Security Team and Technology Services Division within AFSA, including providing input to ICT strategies and operational plans and senior management discussions as required.

Qualifications and experience

Mandatory

  • VET or Tertiary qualifications in information management, computer science, information systems or equivalent experience
  • Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) or equivalent certification
  • Demonstrated experience in risk management, policy and strategy development
  • Demonstrated capacity to provide timely, compelling and concise advice to inform executive members and senior management to support decision making.

Preferred

  • Information Security Registered Assessors Program (IRAP)
  • SANS specific security training
  • Demonstrated experience leading a team to achieve high performance and meet organisational and business goals.

Why join us?

  • Generous employer superannuation contribution (15.4%)
  • A modern, flexible working environment
  • Access to the Employee Assistance Program
  • Flexible working arrangements, including remote work options and variable start/finish times where appropriate

We are committed to creating an inclusive workplace that values diversity. We welcome applications from First Nations peoples, people from culturally and linguistically diverse backgrounds, and people with disability. We support all employees to balance work, family, and personal commitments through flexible working options.

Eligibility

This role is open only to Australian citizens.

The successful candidate must either hold, or be willing to obtain, a security clearance at the Negative Vetting 1 level as a condition of employment. To satisfy character requirements all AFSA employees must undergo a police records check.

Please note that if you have received a redundancy benefit from an APS agency and your redundancy period has not expired, you may not be eligible for employment.

We encourage applications from people from culturally diverse backgrounds and people with disability.

How to apply

Applications close Sunday, 31 May 2026 at 11:59 pm (AEST)

To apply for this role, please click the ‘Apply’ button located on the job advertisement listed on the AFSA vacancies page. You’ll be redirected to our application portal, which also provides step-by-step instructions to guide you through the application process.

RecruitAbility applies to this vacancy. If you apply under the RecruitAbility scheme, declare that you have a disability, and meet the minimum role requirements, you will be invited to participate in the next stage of assessment. For more information visit: https://www.apsc.gov.au/recruitability