Lead Information Security Engineer

VicRoads Registration and Licensing Services (RLS) has undergone a major organisational transformation and now, as a corporate entity, is creating a stronger business model to deliver VicRoads' long-term strategy.

The outcome of this corporate transformation is greater investment in our people, systems and technologies which will not only deliver greater capability internally but enable the delivery of new digital products and services to enhance the experience for our customers, our partners, and the Victorian community.

You have an amazing opportunity to make a truly significant impact on our team, the wider business as well as our stakeholders during this exciting period of growth for the company.

• Annual Salary Range: Commensurate with Experience
• Employment Type: Ongoing - Full-Time
• Usual Work Location: QV 180 Lonsdale Street CBD/ Work from home

Are you passionate about creating products and experiences that not only meet user needs but also captivate their hearts and minds? Are you excited about the challenge of balancing customer desirability with business viability, technology feasibility and broader business strategy to deliver exceptional experiences? If so, we have an incredible opportunity for you!

We are seeking a talented and driven individual to join our dynamic Technology Operations team. As a team member, you will play a pivotal role in working with our business and helping to support and provide engineering services to the digital platform. You will work alongside a group of passionate professionals who are dedicated to delivering innovative solutions that exceed customer expectations.

Your team is part of the Technology division, a team that are truly collaborative and passionate, and work closely together to deliver outcomes that positively transform the way our customers use our services.

About the Opportunity

The Lead Information Security Engineer drives the strategic and technical direction of cybersecurity initiatives, overseeing the design, implementation, and maintenance of security systems to protect IT infrastructure and data. This role ensures resilience against cyber threats, compliance with regulations, and proactive risk management, combining expert security knowledge with strong leadership and project management skills.

• Security Monitoring & Incident Management: Design secure architectures, integrate security into development processes, contribute to security roadmaps, oversee initiatives, and evaluate technologies to protect systems and address emerging threats.
• Incident Response & Threat Management: Lead incident response efforts, including detection, containment, and remediation, conduct forensic analysis to identify root causes, and manage incident response plans to ensure timely and effective threat mitigation.
• Risk Management & Continuous Improvement: Lead risk assessments and vulnerability management, ensure compliance with industry standards and regulations, collaborate with business units to meet security requirements, and drive continuous improvements in security operations and posture.
• Stakeholder Engagement: Integrate security into business processes, advise leadership on threats and best practices, support team development, and define security policies while advocating for awareness and reporting on cybersecurity posture.
• Documentation & Reporting: Create and maintain security documentation, including policies, procedures, and incident response plans, while keeping accurate records of security projects, incidents, and audits.
• Research & Innovation: Stay updated on cybersecurity trends, evaluate emerging technologies, and foster a culture of innovation to enhance security operations and drive continuous improvement.

About you

With 7+ years in information security, including 3+ in leadership, you excel in guiding teams, managing security operations, and aligning strategies with business goals. Skilled in SIEM tools, firewalls, IDS/IPS, EDR, SOAR, and cloud security (AWS, Azure), you bring expertise in risk management, compliance, and incident response.

Your strong technical foundation in networking protocols and scripting (Python, PowerShell) drives operational efficiency, while your leadership and communication skills foster team success and deliver results.

• Leadership: 3+ years in leadership or senior engineering roles with proven experience in leading and mentoring security teams, developing strategies, and managing security operations.
• Cyber Security: 7 years of experience in information security or cybersecurity roles
• Technical Expertise: You have experience with SIEM tools, firewalls, IDS/IPS, endpoint protection, EDR, network security, SOAR, and other security technologies.
• Risk Management: Strong knowledge of risk management practices, frameworks and regulatory compliance (e.g., VPDSF, PCI DSS, NIST, ISO 27001).
• Collaboration: Excellent Experience leading cross-functional projects and collaborating with other business units to implement security initiatives.

Culture:

To attract, retain and develop talented people, we provide genuine flexibility, a culture that supports people to be their best and on top of that - great opportunities for career development. We embrace diversity and inclusion and are proud our workforce reflects the community we serve.

What we offer:

• Competitive salary and benefits
• Supportive, diverse, and inclusive work environment
• Opportunities for professional and personal development
• Flexible working arrangements and family friendly practices

How to Apply

Please submit your application via the "Apply" button. Applications should include a resume and a brief covering letter. Applications close Sunday 27th 11:59pm

For a copy of the Position Description please email [email protected]

Unfortunately, applications cannot be accepted via this email.

Please note: This position requires the successful employee to provide evidence of being fully vaccinated against COVID-19, or medical evidence which confirms the individual is unable to receive a dose, or a further dose, of a COVID-19 vaccine due to a medical contraindication or an acute medical illness.

Failure to comply with this condition of employment will impact your eligibility for employment in this position with Vic Roads. VicRoads is required to evidence your right to work in Australia and may ask for your consent to check records maintained by the Department of Immigration and Border Protection as well as records maintained by Victoria Police and VicRoads as part of the selection process. Information provided to VicRoads will be treated in the strictest confidence.