You’ve felt it for a while now, that quiet frustration.

The sense that you’ve outgrown your role. Stuck in the same cycle, day after day. Doing what’s expected but knowing deep down you’re capable of so much more.

You feel stagnant and you want something to reignite your career.

You’re not learning. You’re not growing. And the longer it goes on, the more you feel like you could be adding much more value elsewhere.

Now picture this: stepping into a business at the start of a company-wide transformation, a real one, not just a buzzword on a slide deck.

All core systems are changing. Processes are being rebuilt. The way the company thinks, operates, and serves its customers is being reimagined from the ground up, underpinned by modern technology.

And right at the heart of that transformation? Governance. Risk. Security.

This isn’t about ticking compliance boxes. It’s about embedding trust and resilience into the DNA of a growing business.

In addition to the business transformation, the company has exciting aspirations to obtain ISO27001 and PCI compliance in the next couple of years.

You won’t be left to figure it out alone. You’ll work alongside an experienced IT Security Manager who will mentor you, challenge you, and give you the space to take real ownership.

This is a greenfield role. A blank page. A chance to help write the playbook for how security and risk are managed in a business where what you do will actually matter.

The business is big enough to stretch you and give you career progression opportunities, but small enough for your impact to be visible and for you to improve your breadth of skills.

Backed by committed C-level and board support, this is your chance to be part of something rare: a transformation you can help shape, and a role that can elevate your career and broaden your skills.

What you’ll do:

You’ll play a hands-on part in shaping and embedding cybersecurity, compliance, and risk management frameworks as part of the continued maturing of the function. You’ll ensure the confidentiality, integrity, and availability of the company’s information assets, directly contributing to the business transformation.

You’ll have the opportunity to work across key initiatives, embedding security into both new projects and everyday operations, while building strong relationships with technical and non-technical stakeholders across the business. This is a role where you’ll be trusted to think critically, collaborate openly, and help shape governance practices from the ground up, all within a high-performing IT team that values your contribution.

Who you’ll work for:

A forward-thinking services business. Here, you won’t be just another name on an org chart. You’ll be part of a close-knit, collaborative IT team where ideas are welcomed, and your contribution will be visible and valued.

What you’ll need:

· At least 3 years’ experience in an Information Security, Risk & Compliance role.

· Working knowledge of ISO 27001, NIST-CSF, and the Essential Eight.

· Strong understanding of governance, compliance, and risk management principles.

· Confident communication skills, able to work with technical and non-technical stakeholders.

You'll demonstrate a driven, energetic, and coachable mindset - with a genuine passion for security and risk, a clear sense of why this work matters, and the curiosity and hunger to keep learning.

Next steps from here:

If your CV isn’t perfect - don’t stress. Just send what you have, or call Matt at xceltium on 0406 505 591 for a confidential chat. You can also message me on LinkedIn. Every applicant will receive a response.