Interim 6 months + ext
Interim CISO — IRAP Readiness Federal Agency (via Paxus)
97 general
Lead an IRAP-aligned uplift program for a PROTECTED workload. Run E8 ML2→ML3 roadmap, system security plans, and stakeholder engagement with ASD.
IRAP Essential Eight ISM PROTECTED
Lead with a 2-line proof point on IRAP. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Contract 12 months
Information Security Manager (Contract) National Employment Services Provider
95 general
Own RFFR governance, subcontractor uplift, and ISO 27001 surveillance audit. Direct experience with DEWR compliance frameworks essential.
RFFR ISO 27001 DEWR Workforce Australia
Lead with a 2-line proof point on RFFR. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Contract 6 months
Security Manager — RFFR Provider Mid-tier Employment Services
94 general
Stand up RFFR self-assessment, subcontractor governance and Essential Eight evidence pack ahead of DEWR submission window.
RFFR DEWR Subcontractor
Lead with a 2-line proof point on RFFR. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Part-time 3 days / week, 6 mo
vCISO — NFP Sector Altivio-style advisory engagement
93 general
Stand up a security program from scratch for a national NFP. Risk framework, ISMS, board reporting, and Essential Eight baseline.
vCISO ISO 27001 Governance
Lead with a 2-line proof point on vCISO. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Contract 6 months
Essential Eight Uplift Lead State Government Department
92 general
Take an existing ML1 baseline to ML3 across application control, patching, MFA and admin privileges. Vendor and tooling discretion provided.
Essential Eight ML3 ASD
Lead with a 2-line proof point on Essential Eight. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Contract 12 months
Principal Security Advisor (Contract) Commonwealth Bank of Australia
92 general
Listed on CBA's own careers site only. Advise on CPS 234 uplift and cloud control assurance.
Banking APRA CPS 234 Cloud
Lead with a 2-line proof point on Banking. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Contract 6 months + ext
IRAP-Aligned Cloud Security Lead GovTech SaaS (via Finite IT)
91 general
Drive IRAP readiness for an Azure-hosted SaaS targeting PROTECTED. SSP authoring, control evidence, and assessor liaison.
IRAP Azure PROTECTED
Lead with a 2-line proof point on IRAP. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Permanent Full-time Ongoing
Head of Information Security Canva
91 general
Lead the InfoSec function for a global product. Direct hire from Canva's careers site — not syndicated to Seek or LinkedIn.
SaaS Cloud Security ISO 27001 SOC 2
Lead with a 2-line proof point on SaaS. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Interim 6 months
Interim Head of Information Security NZ Crown Entity (via Talent Intl)
90 general
Bridge role while a permanent CISO is recruited. NZISM alignment, board reporting, and oversight of an in-flight Zero Trust program.
NZISM ISO 27001 Crown
Lead with a 2-line proof point on NZISM. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Day-rate 4 months
ISO 27001 Implementation Consultant FinTech Scale-up
89 general
Drive certification readiness from gap assessment to Stage 2 audit. AWS-native environment with terraform-managed controls.
ISO 27001 SOC 2 Cloud
Lead with a 2-line proof point on ISO 27001. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Permanent Full-time Ongoing
Cyber Security Manager Atlassian
89 general
Sourced directly from Atlassian's careers portal. Manage trust & compliance program across Jira/Confluence Cloud.
Trust SOC 2 FedRAMP AWS
Lead with a 2-line proof point on Trust. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Fixed-term 9 months
Cyber Risk & Compliance Lead Tertiary Education Provider
88 general
Operationalise an enterprise IT risk framework, lead ISO 27001 surveillance, and uplift third-party risk reviews.
ISO 27001 Risk TEQSA
Lead with a 2-line proof point on ISO 27001. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Permanent Full-time Ongoing
Senior Information Security Lead Xero
87 general
Direct from Xero's careers page. Lead security architecture and compliance across product squads.
SaaS ISO 27001 Privacy Act NZ
Lead with a 2-line proof point on SaaS. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Contract 12 months
GRC Lead — Zero Trust Program Big-4 Bank (via Peoplebank)
86 general
Embed governance for an enterprise-wide Zero Trust uplift. APRA CPS 234 alignment, control mapping, exec dashboarding.
Zero Trust GRC APRA CPS 234
Lead with a 2-line proof point on Zero Trust. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Permanent Full-time Ongoing
Security Governance Lead REA Group
86 general
Direct from REA Group careers — bypasses Seek/LinkedIn. Run governance and risk for realestate.com.au.
ISO 27001 Risk AWS Product
Lead with a 2-line proof point on ISO 27001. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Advisory 12 months
Cyber Advisor — Pacific Regional Program DFAT-funded Capability Program
84 general
Advise Pacific Island Government partners on cyber governance maturity, incident response capability, and policy uplift.
DFAT Capacity Building Governance
Lead with a 2-line proof point on DFAT. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Fixed-term 12 months
Information Security Officer Telstra
84 general
Posted only on Telstra's own careers site. SOCI Act uplift across critical telco assets.
Telco SOCI Act Critical Infrastructure
Lead with a 2-line proof point on Telco. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Permanent Full-time Permanent
Cyber Governance Lead — Health Public Health Network
82 general
Lead privacy & security governance across a federated network of providers, with a focus on third-party risk and incident readiness.
ISO 27001 Health Privacy Act
Lead with a 2-line proof point on ISO 27001. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.
Casual As needed
Casual Security Assessor State Government — Digital Branch
78 general
On-call security assessment support for ad-hoc audits and compliance checks across state agencies. Flexible roster.
Assessment Casual Government
Lead with a 2-line proof point on Assessment. Quantify outcomes (timeline, $, risk reduced) and name the framework you'll bring on day one.