Company description:

About Us

The Department of Transport & Planning brings together all transport modes to design, plan, build and operate Victoria's transport system. Our job is to further integrate the transport network and improve the delivery of services to Victorians for simpler, quicker and safer journeys that connect people and places and support Victoria's prosperity and liveability.
Mobility and Insights is a division the Department of Transport & Planning and is responsible for the delivery of better outcomes for users of the transport system through developing and coordinating customer and transport system insights, strategy and innovation.

We're focused on outcomes that deliver more choice, connections and confidence in our travel, ensuring the whole transport network works as one to deliver better services and outcomes.

The department is committed to building a culture where we say 'yes' to flexible work arrangements, provide personal and professional development programs and support ways of working that help employees balance work and life.

The department is an equal opportunity employer and welcomes applicants from a diverse range of backgrounds, including veterans, people who identify as Aboriginal and Torres Strait Islander, have a disability, are from varied cultural backgrounds and those who identify as LGBTIQ+. The department provides workplace adjustments for applicants with disabilities.

Investment and Technology is a Group within the Department of Transport and Planning, and is responsible for leading investment strategy and provide commercial and information technology services to drive high performance and improved commercial outcomes for the Transport and Planning portfolio and state.

Enterprise Technology is a division within Investment and Technology, and is reponsible for providing IT services and technology for DTP and delivery Corporate and Enterprise wide capabilities. Enterprise Technology performs a central role providing core IT operational services, cyber leadership, and documenting strategic directions for all of DTP's information technology.

Job description:

About the Role

The Portfolio Security Advisor is a position that sits within Information Security Team and is responsible for helping business teams and projects understand their information security risks, identify treatments to manage those risks and comply with DTP's and VPDSS Information Security standards and policies. The role is a key function that will contribute to the improving the maturity of the organisation's cybersecurity resilience.
The scope of the role will primarily focus on internal DTP divisions and business units, but it will also include engaging more broadly across the Victorian government Transport Portfolio to drive consistent maturity improvements and assurance across agencies, operators, and partners.
The Portfolio Security Advisor will also act as a gateway for project teams and business units to access and leverage centralised enterprise security capabilities such as security testing and incident management.

To access the Position Description, please click here.

We are seeking a skilled professional with strong expertise in partnership building, problem-solving, stakeholder management, and digital literacy. The ideal candidate will demonstrate resilience, outcome-driven thinking, and collaborative leadership to drive impactful solutions and foster effective relationships.

Position Outcomes / Accountabilities

• Compliance Leadership - Provide expert advice that ensures business teams comply with OVIC and DTP's standards to limit potential for data breaches or security incidents and limited or no adverse audit findings.
• Risk Management - Within the allocated portfolio group, information security risks have been identified, with treatment plans developed and implemented to ensure the business operates within the DTP risk appetite.
• Security Maturity - The advisor has provided innovative leadership in driving the transport portfolio's progress to achieve security maturity targets as described in the PDSP and other security frameworks in use.
• Stakeholder Engagement - Stakeholders perceive a supportive partnership approach that leverages their understanding of the business needs to identify pragmatic, yet compliant controls that provide data protection and operational resilience.
• Promote and support safe, inclusive, and flexible team operations.

Qualifications and Experience

Mandatory
• Substantial cybersecurity experience in policy, consulting, risk management or solution delivery roles.
• Working knowledge of relevant risk management frameworks and information risk assessments.
• Knowledge of, and practical experience working with security frameworks such as VPDSF, ISM, Essential 8, NIST CSF or ISO 27001

Desirable
• Degree or diploma in a relevant field.
• Security certification such as CISSP, CISM or CISA.
• Knowledge of OVIC security guidance and practices, such as VPDSS, PDSP and SSP.
• Understanding of, or experience with OT security controls.
• Ability to obtain an AGVSA Security Clearance to NV-1 level.

What we offer

• Meaningful work making Victorian communities more accessible and liveable
• Professional growth and development opportunities across the department and the wider Victorian Public Services
• A hybrid working model focused on collaboration and teamwork
• Optimal work-life balance initiatives including flexible working arrangements
• Opportunity to work across multiple urban and suburban hubs
• We prioritise the development of a safe and inclusive culture

Culture Value

We are an equal opportunity employer, embracing a diverse range of applicants such as veterans, and people who identify as Aboriginal and/or Torres Strait Islander, LGBTQIA community members, individuals with disabilities and/or health conditions, as well as those from varied faith and cultural backgrounds. At our department, we prioritize the development of a safe, inclusive, and high-performance culture through shared actions and behaviours that align with our strategy and direction. This empowers our employees to effectively contribute to our goals.

How to Apply

Click the ‘Apply' button and you'll be redirected to a new platform and create an account.

If have any issues, click here for Quick Reference Guide on how to apply.

Applications close 9pm on Monday, 17th of March 2025.

Please include a resume and cover letter. All applications must be submitted through the online portal. We're unable to consider email or manual applications at this time.

For further information about the role please contact Greg Adamson, Portfolio Chief Information Security Officer via [email protected].

Preferred applicants may be required to complete a police check and may be subject to other pre-employment checks. Information provided to the Department of Transport and Planning will be treated in the strictest confidence.

Please let us know by phone or email if you need any adjustments to fully participate in the recruitment process. If you require the ad or any attachments in an accessible format (e.g., large print) due to viewing difficulties or other accessibility needs, we are happy to accommodate.