Cyber Security Manager- Operations / Advisory | Fulltime | Sydney

About the Organisation

This organisation plays a vital role in supporting a complex, highly connected urban environment. It is purpose‑driven, community‑focused and committed to inclusion, sustainability and innovation.

The Opportunity

We are hiring for two Cyber Security Managers, each with a clearly defined focus:

• Cyber Security Manager – Operations
• Cyber Security Manager – Advisory

While the roles work closely together, they have distinct responsibilities and expectations. This approach ensures clarity for candidates while enabling strong collaboration across cyber security functions.

Role 1: Cyber Security Manager – Advisory

This role focuses on cyber strategy, governance, risk and assurance, partnering with technology and business stakeholders to enable secure outcomes.

Key responsibilities:

• Provide strategic cyber security advice across new initiatives, platforms, and services
• Lead cyber risk assessments, security assurance, and governance activities
• Maintain and uplift cyber security policies, standards and frameworks
• Manage third‑party security risk assessments and remediation oversight
• Lead or contribute to cyber security investigations from a risk and governance perspective
• Support governance of the Managed Security Services Provider (MSSP)

Ideal background:

• Strong experience in cyber governance, risk, compliance and advisory roles
• Deep knowledge of frameworks such as ASD Essential Eight, ISO 27001/27002/27005, NIST, ISM
• Experience providing clear cyber risk advice to senior stakeholders
• Azure / Entra ID security experience highly regarded

Role 2: Cyber Security Manager – Operations

This role leads hands‑on cyber security operations, ensuring effective detection, response and protection.

Key responsibilities:

• Lead cyber security operations, including incident response and investigation
• Own vulnerability management, patching and remediation prioritisation
• Coordinate penetration testing, vulnerability assessments, audits and social engineering activities
• Oversee operational delivery and performance of the Managed Security Services Provider (MSSP)
• Maintain cyber security procedures, registers and operational KPIs
• Continuously uplift security controls in response to the evolving threat landscape

Ideal background:

• Strong experience in security operations and incident management
• Hands‑on expertise with SIEM, EDR/XDR, vulnerability management, email and web security
• Experience across the Microsoft security ecosystem (Microsoft 365, Microsoft XDR, Azure)
• Proven operational leadership in complex environments

What Both Roles Require

• Tertiary qualification in Cyber Security, Information Security or IT, or equivalent experience
• Strong stakeholder engagement and communication skills
• Experience operating in large or complex organisations
• Cyber security certifications such as CISSP, CISA or CISM (highly desirable)
• Knowledge of Operational Technology (OT) security is an advantage

Why Join?

• Meaningful work protecting critical digital services
• Clear role ownership with strong collaboration across cyber functions
• Flexible, hybrid working environment
• Purpose‑driven workplace with a strong inclusion culture
• Opportunity to influence both strategy and real‑world cyber outcomes

If this sounds like you then apply today!

If you’re interested or know someone who might be — feel free to send an updated resume to [email protected]. If all aligns, you will be reached out.

We believe in working for a place that works for you. We have many flexible working options within our team so talk to us about which arrangements would work best for you.

When applying, please clearly state which role you are applying for:

• Cyber Security Manager – Operations, or
• Cyber Security Manager – Advisory