Cyber Security Controls Assurance & Compliance Lead

VIC - Melbourne - 655 Collins St, Australia

Primary Location: VIC - Melbourne - 655 Collins St

Job Description Summary: New role in our Cyber Security & IT Risk function!

About the Role

We are looking for a Cyber Security Controls Assurance & Compliance Lead in this newly created role, to join our Cyber Security & IT Risk function. You will be highly skilled in cyber security controls (Essential 8 and ISO 27001 Standard) to drive compliance, enhance our security posture, and work with IT Asset Owners and other Security SMEs to mitigate our security risks. This role will be based at our Head Office, located directly across from Southern Cross Station, which offers a vibrant environment featuring a balcony, BBQ area, collaborative and quiet spaces, and plenty of natural light.

Your key responsibilities will include:

  • Ensuring our company adheres to Essential 8 and ISO 27001 (and others as relevant) standards by implementing and maintaining security controls.

  • Ensuring ongoing compliance with relevant security-related laws, regulations, and industry standards (e.g., ISO 27001 and Essential 8, among others).

  • Working with designated Security Risk Owners to implement security controls to protect the company’s assets and data.

  • Planning, managing and reporting on the Annual Security Improvement Plan (ASIP), which will contain risk treatment plans, IT control uplifts, improvements to technical security solutions and other security-related improvements.

  • Chairing and managing the governance meeting and processes for the ASIP, ensuring actions and tasks are prioritised, resourced and outcomes are reported on monthly.

  • Maintaining and updating ASIP actions and status in JIRA.

  • Preparing compliance reports for senior management, clients and regulatory bodies.

About you

Our ideal candidate will have:

  • 3-5 years of experience in information security, compliance, or a related role, specifically implementing Essential 8 controls (at maturity level 2/3) and ISO 27001 Annex A controls.

  • Bachelor’s degree in Information Security, Computer Science, or a related field.

  • Relevant certifications such as CISSP, CISM, ISO 27001 Lead Implementer/Auditor, or similar are highly desirable.

  • Previous IT Governance experience is essential for this role.

  • Strong understanding of the Essential 8 security controls and ISO 27001 standards. Familiarity with other security frameworks (e.g., NIST, COBIT) is highly advantageous.

  • Hands-on involvement in the deployment of Essential 8 and ISO 27001 controls is necessary for this role.

  • A mindset focused on delivery and action.

  • Capability to manage and influence outcomes beyond your direct area of accountability.

About us

Service Stream is an equal opportunity ASX-listed business that develops and operates Australia's essential services networks across telecommunications, utilities, transport, defence, and social infrastructure industries. We keep communities connected.

Benefits of working with us include

  • Flexible working - At Service Stream, all flexibility requests are genuinely considered. This position offers hybrid working.

  • Growth – We are growing and there are opportunities for your career development across our business units.

  • Discounts - Employee rewards program and employee discounts across hundreds of businesses such as Woolworths, Airbnb, The Iconic, JB Hi-Fi, Dan Murphy's, Bupa Health Care, Specsavers and many more! We also offer access to novated leasing.

  • Paid leave - Parental, cultural, community service, study, corporate volunteering and purchased leave available.

  • Culture – We are dedicated to fostering a workplace environment that values diversity and inclusion, and we recognise and celebrate excellence throughout the year.

How to apply

Please submit your interest with the apply button where you will be directed to create a profile on our system. We celebrate diversity at Service Stream and would welcome applications from people who identify as Aboriginal and/or Torres Strait Islander, people with a disability or neurodivergence, and those from LGBTIQA+, Veteran or other diverse groups.

Feel free to email Talent.Corporate@servicestream.com.au for any inquiries on how we can best support you with reasonable adjustments to the recruitment process.

Department: GBIS

How to Apply

If this sounds like you, apply now to the Service Stream Recruitment Team via the online application button.

Tags: CISM CISSP COBIT Compliance Computer Science Governance ISO 27001 Jira NIST

Perks/benefits: Career development Flex hours Health care Parental leave

Region: Asia/Pacific
Country: Australia