Information Security Manager

VicRoads RLS, founded in August 2022 by a consortium of Aware Super, Australian Retirement Trust, Macquarie Asset Management, and the Victorian State Government, operates under a long term concession deed issued by the State Government. This strategic 40-year partnership is transforming VicRoads RLS into a more commercial, customer-centric, product led and digitally advanced organisation. Our purpose to ‘make services seamless and support safer networks for our communities’ drives our commitment to ensuring our customers get what they need, when they need it.   

Our organisational values steer our actions, decisions and behaviours as we progress on our path of transformation.  

We work collaboratively with the Victorian State Government to ensure we fulfil regulatory requirements, deliver State projects and safeguard customer data. The Victorian State Government retains sole responsibility for road access, infrastructure and safety 

• Annual Salary Range: Commensurate with Experience  
• Employment Type: Ongoing - Full-Time 
• Usual Work Location: QV 180 Lonsdale Street CBD/ Work from home

Are you passionate about creating products and experiences that not only meet user needs but also captivate their hearts and minds? Are you excited about the challenge of balancing customer desirability with business viability, technology feasibility and broader business strategy to deliver exceptional experiences? If so, we have an incredible opportunity for you! 

We are seeking a talented and driven individual to join our dynamic Technology Operations team. As a team member, you will play a pivotal role in working with our business and helping to support and provide engineering services to the digital platform.  You will work alongside a group of passionate professionals who are dedicated to delivering innovative solutions that exceed customer expectations. 

Your team is part of the Technology division, a team that are truly collaborative and passionate, and work closely together to deliver outcomes that positively transform the way our customers use our services.  

About the Opportunity 

The Information Security Manager leads the Security Engineering and Security Operations teams to protect the organization’s IT systems, infrastructure, and data from cyber threats. Reporting directly to the CISO, this role drives security strategy, focusing on advanced technologies, threat detection, incident response, and continuous improvement.

Overseeing security tool implementation and system maintenance, as well as incident monitoring and response, the manager ensures team alignment with organizational goals, policies, and industry best practices.

• Leadership: Lead and mentor the Security Engineering and Security Operations teams by fostering collaboration, accountability, and growth; setting clear objectives aligned with organizational goals; providing technical guidance; and establishing efficient processes for workload management and escalation. Integration Design
• Security Engineering: Oversee the design, deployment, and management of security infrastructure and tools, ensure seamless integration with IT systems, drive the implementation of security controls to mitigate risks, and evaluate new technologies to enhance the organization's security posture.
• Security Operations: Manage daily SOC operations, including monitoring and responding to security incidents; ensure effective incident response processes and robust detection capabilities; develop and refine response plans; and drive continuous improvement through workflow optimization, automation, and threat intelligence.
• Risk & Vulnerability Management: Oversee vulnerability management and remediation, evaluate security risks, ensure compliance with relevant standards, support audits, and deliver performance reports with key metrics on incidents, vulnerabilities, and security initiatives.
• Collaboration: Partner with the CISO to define and execute the security strategy, align security functions with business goals, collaborate with departments to integrate security into processes and ensure compliance, and provide regular updates to senior management on security performance and risks.

About you 

You have a strong track record in managing security operations, incident response, and vulnerability management, successfully leading cross-functional projects and collaborating with diverse teams. With expertise in SIEM tools, firewalls, IDS/IPS, endpoint protection, EDR, SOAR, and cloud security (AWS, Azure), you also bring a deep understanding of network protocols, encryption, and access controls.

Proficient in frameworks like VPDSF, PCI DSS, NIST, ISO 27001, and SOC 2, you combine technical skills with exceptional leadership, problem-solving, and critical thinking. Your ability to manage multiple projects in fast-paced environments, paired with excellent communication and collaboration skills, ensures effective stakeholder engagement and team alignment on security priorities.

• Leadership: Proven minimum of 7 years of experience in information security, including at least 5 years in a leadership role overseeing security engineering or operations teams.
• Technical Expertise: Proficient in using SIEM tools (e.g., Sentinel, Cortex XSIAM, Splunk, QRadar), firewalls, IDS/IPS, endpoint protection, EDR, network security, SOAR, and other security technologies.
• Collaboration: Excellent Experience leading cross-functional projects and collaborating with other business units to implement security initiatives.

Security Clearance requirement

• Baseline Clearance required to be successful in the role

Nice to have

• Advanced certifications (e.g., CISSP, CISA, CISM, CCSP, CompTIA Security, or cloud security certifications like AWS Certified Security Specialty).
• Experience with security program management and building a Security Operations Centre (SOC).
• Experience with large-scale security transformation projects or security tool implementation across complex environments.
• Experience with security orchestration, automation, and response (SOAR) tools.

Culture: 

To attract, retain and develop talented people, we provide genuine flexibility, a culture that supports people to be their best and on top of that - great opportunities for career development. We embrace diversity and inclusion and are proud our workforce reflects the community we serve. 

What we offer: 

• Competitive salary and benefits 
• Supportive, diverse, and inclusive work environment 
• Opportunities for professional and personal development 
• Flexible working arrangements and family friendly practices 

How to Apply 

Please submit your application via the “Apply” button. Applications should include a resume and a brief covering letter. Applications close Sunday 27th  11:59pm

For a copy of the Position Description please email talentacquisition@vicroads.com.au  

Unfortunately, applications cannot be accepted via this email.  

Please note: This position requires the successful employee to provide evidence of being fully vaccinated against COVID-19, or medical evidence which confirms the individual is unable to receive a dose, or a further dose, of a COVID-19 vaccine due to a medical contraindication or an acute medical illness.

Failure to comply with this condition of employment may impact your eligibility for employment in this position with Vic Roads. VicRoads is required to evidence your right to work in Australia and may ask for your consent to check records maintained by the Department of Immigration and Border Protection as well as records maintained by Victoria Police and VicRoads as part of the selection process. Information provided to VicRoads will be treated in the strictest confidence.