We are seeking a Cybersecurity Consultant / Lead to join our team for an initial 1 month contract to provide expert security guidance during the early phases of a major digital transformation program. This shortterm engagement will focus on shaping the programs security posture, defining security requirements, assessing risks, and ensuring that architectural and delivery decisions align with government security expectations and the Information Security Manual (ISM). The role works closely with architects, data specialists, governance teams, and vendors to embed securebydesign principles from the outset. Key Responsibilities Lead the development of security requirements, security architecture inputs, and threat modelling for program components including cloud services, integrations, data migration, enterprise search, and application delivery. Conduct a highlevel security risk assessment (SRA) and support the creation of a security risk management plan for the program. Review proposed architectures, design documents, and solution options to ensure they align with ISM, PSPF, and other relevant government frameworks. Provide guidance on identity and access management, network security, data protection, encryption, logging and monitoring, vulnerability management, and secure deployment practices. Recommend controls, patterns, and mitigation strategies to reduce risks across data, application, cloud, and integration workstreams. Work with the DevOps and cloud teams to ensure secure configuration baselines, automation guardrails, and continuous compliance practices are established early. Support privacy considerations, ensuring security and privacybydesign principles are embedded. Prepare documentation and briefing material for governance forums, risk committees, and senior stakeholders. Provide handover and security artefacts to ongoing delivery teams to ensure continuity after the initial engagement period. Skills & Experience NV1 Security Cleared Extensive experience in cybersecurity roles within government or highly regulated environments. Deep understanding of ISM, PSPF, Essential Eight maturity, and other Australian Government security and privacy requirements. Proven experience conducting SRAs, threat modelling, and security design reviews for cloud, integration, data, and application platforms. Strong technical understanding of modern cloud security (Azure/AWS), including identity, network controls, encryption, monitoring, policy enforcement, and secure configuration baselines. Familiarity with enterprise platforms such as DAM systems, search technologies, data repositories, or content and web platforms is beneficial but not essential. Ability to communicate complex security concepts clearly to architects, engineers, delivery teams, and senior stakeholders. What Success Looks Like Security considerations embedded early, reducing downstream remediation and delivery risk. A clear security risk assessment and mitigation plan guiding program decisions. Architectural and technical designs aligned with government security expectations. A smooth transition of security insights, documentation, and guardrails to ongoing delivery teams. Seniority level MidSenior level Employment type Contract Job function Information Technology #J-18808-Ljbffr
Job Title
Cyber Security Consultant