This role is responsible for establishing, managing, and continuously improving cyber governance, security policies, standards, and procedures within a newly formed technology environment. The position plays a key role in strategic security planning, risk management, and compliance, with a strong focus on emerging technologies including Artificial Intelligence (AI), cloud platforms, and modern data ecosystems.

The role works closely with technical and business stakeholders to ensure security controls are embedded across platforms, programs, and delivery lifecycles, while proactively addressing evolving cyber threats.

• Lead the development, implementation, and continuous improvement of cyber governance frameworks, policies, and procedures, including governance models for Artificial Intelligence (AI) programs aligned to regulatory and ethical standards
• Establish and enhance governance processes for system releases, ensuring strong security controls across technology delivery
• Provide expert advice on the evolving cyber threat landscape and emerging risks
• Review technology solutions and provide security guidance to support secure design and delivery
• Define and oversee governance processes for development initiatives hosted in cloud environments, ensuring adherence to secure cloud practices and standards
• Ensure ongoing compliance with ISO 27001 and related information security standards
• Support the integration of AI governance, data protection, and privacy controls across platforms and programs
• Implement governance and security controls for modern data platforms, including structured, semi-structured, and graph-based data environments
• Develop and maintain data governance frameworks that support secure analytics, data sharing, and AI workflows
• Collaborate with cross-functional teams to identify security risks, define mitigation strategies, and maintain compliance with cybersecurity standards
• Provide expertise in secure system design, risk assessment, and threat modelling
• Conduct regular audits and reviews of AI initiatives, system releases, and new developments to ensure compliance and continuous improvement
• Embed security controls throughout the software development lifecycle (SDLC)
• Maintain clear, accessible documentation for governance processes, security protocols, and compliance activities

• 5+ years’ experience in cyber governance, risk management, and compliance, ideally within regulated or complex environments
• Strong understanding of AI-related risks, governance requirements, ethical considerations, and data privacy standards
• Knowledge of AI governance principles, ethical AI frameworks, and secure data handling practices
• Proven experience in cloud security, ideally within large-scale cloud platforms
• Strong working knowledge of ISO 27001 and information security management requirements
• Familiarity with Australian cybersecurity frameworks and standards (e.g. Essential Eight, ISM)
• Demonstrated experience in security risk assessment and mitigation across cloud, data, and AI environments
• Strong understanding of secure SDLC practices and security-by-design principles
• Experience designing and implementing governance frameworks, including documentation, workflows, and compliance tracking
• Strong stakeholder engagement skills with the ability to influence across technical and non-technical teams