- Full-time, Ongoing position at HEW Level 9.
- Parramatta South campus with flexible working arrangements.
- Salary: $137,681 – $147,032 per annum, plus 17% Super and Leave Loading.
Lead Line 1 cyber and technology risk governance, assurance and secure-by-design oversight across the University.
The Opportunity
In this role, you will lead the Governance, Risk and Assurance (GRA) portfolio within Information Technology and Digital Services (ITDS), working within Security and Digital Operations. You will provide confidence to senior leaders, governance committees, auditors and relevant oversight bodies that cyber and technology risks are being appropriately managed and that key controls are fit-for-purpose and operating effectively.
You will shape how Line 1 cyber and technology risk is governed, measured and reported, ensuring alignment with NIST Cybersecurity Framework (CSF) 2.0, the University's risk appetite and its enterprise risk framework.
You will develop and maintain the ITDS governance, risk and compliance framework, including the Line 1 control library, policies, standards, control requirements, risk and issues registers and associated reporting. You will ensure that cyber and technology risks and control gaps identified through projects, third-party suppliers and service providers, incidents, technical assessments and assurance activities are consistently assessed, recorded, assigned, treated and reported.
You will oversee the Line 1 assurance plan and control testing program, bringing together design reviews, evidence-based control validation and technical assurance activities, including penetration testing and red teaming. You will ensure findings are clearly risk-rated, assigned to accountable owners, tracked through remediation and validated before closure.
You will also oversee the governance and assurance of secure-by-design practices, working closely with security and solution architecture teams to embed approved reference architectures, patterns and security guardrails into technology roadmaps, projects and major technology decisions. Alongside this, you will lead targeted cyber awareness and engagement initiatives informed by risk, incidents and assurance outcomes.
As a trusted advisor to the Chief Information Security Officer (CISO), you will translate technical and risk insights into clear, evidence-based advice for executives and governance forums, while leading and developing a team of specialist practitioners.
What Success Looks Like:
- A current and practical ITDS GRC framework and Line 1 control library aligned to NIST CSF 2.0, enterprise risk arrangements and the University's risk appetite.
- A reliable risk and issues register that integrates cyber and technology risks identified through projects, third-party suppliers and service providers, incidents and assurance activities.
- An integrated third-party cyber risk approach that ensures material supplier risks, control gaps, remediation actions and accepted residual risks are visible, owned and reported.
- A risk-based assurance plan delivering evidence-led testing, clear reporting, accountable remediation and validated closure.
- Clear KRIs, KPIs and control effectiveness measures that support decision-making by ITDS leaders and governance committees.
- Secure-by-design guardrails demonstrably incorporated into technology roadmaps and delivery activity, resulting in improved risk outcomes.
- Measurable cyber culture uplift through targeted awareness and engagement initiatives informed by risk and assurance insights.
About You
- Tertiary qualifications in information technology, cyber security, risk management or a related discipline, or equivalent relevant experience.
- Extensive experience leading governance, risk and assurance activities in a complex organisation.
- Strong working knowledge of cyber and technology risk frameworks and standards, such as NIST CSF 2.0, ISO/IEC 27001, ISO/IEC 27005, ISO 31000 and the Essential Eight.
- Experience establishing or managing assurance testing programs, control effectiveness reviews, risk treatment oversight and evidence-based reporting.
- Experience overseeing third-party cyber risk or supplier assurance activities, including the assessment, treatment and reporting of material technology supplier risks.
- Experience working with technology delivery, architecture and secure-by-design practices in complex digital environments.
- Demonstrated ability to lead specialist practitioners and provide clear, evidence-based advice to senior leaders and governance forums.
- Strong written and verbal communication skills, with the ability to translate technical risk into practical business decisions.
Benefits
We invest in the people who make our mission possible. Alongside a rewarding career, we offer a range of benefits designed to support your financial, personal and family wellbeing.
- Financial benefits: Access to staff-only products and offers with selected banking partners, salary sacrifice options for onsite parking, and novated motor vehicle leasing.
- Health and wellbeing support: Free Employee Assistance Program (EAP), complimentary annual flu vaccination, eligibility for Fitness Passport membership, and access to discounted private health cover.
- Onsite childcare: Long day care and early learning services operate at our Campbelltown, Hawkesbury, Parramatta, and Penrith campuses. Staff may be eligible for discounted fees and salary packaging, with places subject to centre capacity.
Application Details
- Position Enquiries: Direct to Brooke Jim, Executive Portfolio Coordinator, Digital Services via [email protected]. Please include the job reference code REF1425S.
- Closing Date: 11:59pm, Thursday 18 June 2026.
- Checks: Appointment to this position is subject to a satisfactory National Police Check.
- Working Rights: You must provide evidence of full-time working rights in Australia at application.
- How to Apply: Please note that only applications submitted via the University’s online recruitment system will be considered. As part of your online application, you will be asked to respond to screening questions addressing the key qualifications, experiences and skills required for this position.
Belonging at Western
We are committed to substantive equality as outlined in our Equal Opportunity Policy. We actively encourage applications from Indigenous Australians, candidates of all gender identities and expressions, people of all abilities, and those from culturally and linguistically diverse backgrounds.
For Reasonable Adjustments during the application process, please contact [email protected].
About Western
This is your opportunity to be part of something bigger. By joining Western Sydney University, you become a valued member of our community. As our region changes, so too does our university. Western is boldly different, energetic, global, diverse, dynamic, and youthful.
Our mission is to deliver student success, impactful research, and stronger communities. As part of our team, you will have a stake in shaping the future of education, broadening horizons, and changing lives. Making a difference starts at Western.
For the latest please visit our website and LinkedIn.