Security Control Assessments Lead
Sydney, NSW, AU
Create impact as a Security Control Assessments Lead.
Join the largest general insurance group in Australia and Aotearoa New Zealand. We’re a top-tier ASX-listed company helping to make the world a safer place through creating a stronger and more resilient business and enabling our portfolio of iconic insurance brands.
Your Role
As the Security Control Assessments Lead, you’ll be responsible for leading and managing the development, implementation, and ongoing improvement of IAG’s Security@Build assurance program.
You’ll conduct security control assessment of solutions at the build stage, to verify alignment of the as-built controls with those specified in the upstream architecture and detailed designs.
This role offers you the chance to apply your passion for cyber security in a meaningful and impactful way.
Key Responsibilities
- Conduct security control assessment of solutions at the build stage, to verify alignment of the as-built controls with those specified in the upstream architecture and detailed designs.
- Identify control gaps and deficiencies and provide subject matter expertise and recommendations to resolve the control weaknesses.
- Work collaboratively with internal and external stakeholders such as Information Security Managers, Senior Security Consultants, Enterprise Architects, Solution Architects, Security Architects, Technical Leads and Business stakeholders to ensure that security frameworks are continuously aligned with business requirements.
- Prepare and deliver regular reports to senior management on the effectiveness of the organisation's Cyber control environment, including risks and recommendations.
- Provide advisory and consulting services to ensure that security is fully embedded into the Architecture, Project, Software Development, Continuous Delivery and BAU activities.
- Develop and refine control assessment methodologies, frameworks, and tools to enhance the robustness and scalability of assessment practices.
- Stay updated with the latest security trends, technologies, and regulatory requirements to continuously improve security controls and assessment processes and identify automation opportunities.
- Lead a team of security professionals, fostering a culture of continuous learning and improvement.
- Manage team performance and development, setting clear goals and expectations.
- Manage vendor partner relationships, including offshore partner resources.
This is a permanent full-time role, and we welcome applicants from Gadigal Country (Sydney), Naarm (Melbourne), Meanjin (Brisbane).
About You
- Demonstrated experience developing and delivering programs of work to continuously execute security control testing on IT systems and processes.
- Demonstrated experience in Cybersecurity risk management and controls, including Cloud technologies and Cybersecurity controls assurance domains.
- Good experience in Cyber Security, Risk Management, or IT Audit.
- In-depth knowledge of information security domains and risks.
- Hands-on experience with security assessments, audits, and compliance checks.
- Ability to identify, assess, and prioritize risks associated with security controls.
- Ability to create security reports and communicate results to executive management.
- Exposure to APRA Prudential Regulations (including but not limited to CPS 234).
- One or more relevant industry certifications, such as CISSP, CISA, ISO 27001 Lead Auditor, PCI-P/PCI ISA.
- Thorough understanding of Cloud and other Security Standards/Frameworks, e.g. CSA CCM, NIST CSF, ISO 27001/2, PCI-DSS, COBIT.
Applications close Wednesday 4th June 2025 23:59pm AEDT.
Joining IAG, you’ll have access to a raft of benefits from across the IAG group:
- Boosted superannuation with 13% as standard
- Up to 50% off personal insurance, including home and motor insurance
- 5 myLeave days per year on top of annual leave
- Work from home and many more flexibility options with myFlex
- Dedicated career growth programs, including the award-winning IAG Academy
- Inclusive leave such as public holiday swap and gender affirmation leave
- Discounts on everyday and special occasion items
- A certified Family Inclusive Workplace™
*employment type eligibility criteria apply
ABOUT US
As part of IAG you'll enjoy a world of career opportunities, a purpose-led place focused on creating connection and belonging, and where you can create meaningful impact every day and grow your career beyond the expected. That’s not just words. It’s our people promise. We're ready for you with unexpected opportunities for your career, your work-life and your ability to make a difference. We celebrate all viewpoints shaped by life experiences and culture, and are guided by the knowledge and voice of Aboriginal and Torres Strait Islander peoples, businesses, and communities. We collaborate on Indigenous-led solutions that enable growth and create meaningful change for our customers and employees.
We’re ready for you. Apply today.
Learn more about who IAG is here
Tags: Audits Automation CISA CISSP Cloud COBIT Compliance ISO 27001 NIST Risk management Security assessment
Perks/benefits: Career development