Security Technical Assurance Specialist
Location: Melbourne
Team: Governance, Risk & Compliance (GRC) - Security Assurance
Hybrid working: 50/50 in the office
$880 per day + GST
Contact duration: 2 months
Start date: 27th of October

About the Role:
The Security Technical Assurance Specialist reports to the Manager of Security Assurance within the GRC & Advisory Services team. This hybrid Line 1 and Line 2 function operates and oversees the organisation's security risk and assurance program, ensuring compliance obligations are met and providing confidence to senior leadership that critical assets are appropriately protected.

This is a highly technical role focused on delivering security assurance across both IT and Operational Technology (OT) environments, with an emphasis on the telecommunications sector. The ideal candidate will have a strong background in complex technology environments, including network appliances, hybrid cloud infrastructure, operating systems, and mobility platforms.

The role involves assessing the effectiveness of security controls, validating compliance with key frameworks, and ensuring the integrity of security-related processes, metrics, and reporting—particularly in relation to the Security of Critical Infrastructure (SOCI) obligations. Responsibilities also include reporting on the maturity of the TSRMP (SOCI) Cyber framework, and reviewing secure source code, penetration testing outcomes (including red and purple team results) to provide assurance over the control environment.

Key Responsibilities:

• NIST Cybersecurity Framework (CSF), NIST 800-53 & NIST 800-82
• ACSC Essential Eight Maturity Model
• Protective Security Policy Framework (PSPF)

• Deliver and enhance the Security Assurance Strategy and associated assurance program.
• Conduct in-depth technical assurance reviews across IT and OT systems.
• Evaluate compliance with industry frameworks, including:
• Identify control gaps and provide risk-informed, evidence-based remediation recommendations.
• Develop and maintain assurance methodologies, control testing procedures, and reporting templates.
• Collaborate with internal teams to align security controls with business risk and compliance requirements.
• Support internal and external audits through evidence collection and control validation.
• Provide subject matter expertise in technical assurance across telecommunications environments.
• Support the development of dashboards and reporting tools to track control effectiveness and risk trends.
• Assist in the preparation of reporting for executive and board-level stakeholders on security risk and assurance matters.

To succeed in this role, you will have:

• Minimum 5 years' experience in security assurance, audit, or risk management roles.
• Deep understanding of security frameworks such as NIST, Essential Eight, and PSPF.
• Proven experience assessing and assuring technical controls, processes, and metrics.
• Strong knowledge of Operational Technology (OT) security—experience within the telecommunications sector is highly desirable.
• Excellent written and verbal communication skills, with the ability to influence and engage at all levels.
• Demonstrated ability to distill complex technical concepts into actionable recommendations.

If you are interested in this short term engagement please click apply today!!