A global, industry-leading client of ours is seeking an experienced Information Security professional to manage and mature their ISMS across ISO27001 and IRAP frameworks. Australian citizenship is mandatory for this engagement.

Key Responsibilities

You will take ownership of the local ISMS, managing documentation, review cycles, internal and external audits, corrective actions, and quarterly control assessments. Maintaining compliance and risk registers, coordinating vendor risk assessments, and producing senior leadership reports will form a core part of your remit. You will also support incident response, business continuity planning, and data governance obligations.

From an IRAP perspective, you will manage ATO requirements, maintain alignment with the Australian Government ISM and ASD's IRAP Common Assessment Framework, and develop key security artefacts including the System Security Plan, Statement of Applicability, and Security Risk Management Plan. You will oversee technical configuration reviews and evidence collection to support assessment reporting.

Beyond formal governance, you will collaborate with application owners on vulnerability remediation, coordinate cyber security incident communications between internal teams and clients, and support audit requests and client tender submissions.

Role location

Sydney, Melbourne or Brisbane based, remote with infrequent office visits.

Skills & Experience

You will bring five to seven or more years in IT risk and/or IT audit, with strong knowledge of ISO27001, IRAP, and the Australian Government ISM. Experience in regulated or multinational environments is expected, along with broad technical knowledge and excellent stakeholder engagement skills. Certifications such as CISM, CISSP, or ISO27001 Lead Implementer/Auditor are highly regarded.

Job Title
Information Security Manager