This position sits within the Business Services Unit, Cyber Security section, within the Corporate Branch. The IT Security Adviser (ITSA) is the head of cyber security who leads the agency’s cyber security strategy, governance, and operations, and supports whole-of-agency ICT delivery and uplift activities in alignment with Australian Government security frameworks, including the PSPF and ISM.

The ITSA provides independent and impartial advice to the Executive Board, Chief Information Security Officer and Chief Information Officer and works closely with the Protective Security team on all security-related matters. The role supports effective cyber security risk management, assurance, and compliance by contributing to security monitoring, auditing, and reporting activities, and by supporting incident response and continuous improvement of the agency’s security posture.

Key Duties:

• The ITSA provides support and advice to senior management and agency staff on cyber security matters.
• Lead and oversee the development, implementation, and continuous improvement of cyber security strategy, policies, and frameworks aligned with PSPF and ISM requirements.
• Design and implement cybersecurity policies, risk management, and ICT security audits.
• Provide strategic advice to the Executive Board and senior stakeholders on cyber security risks, threats, and mitigation strategies across the agency.
• Oversee and coordinate vendor-managed SIEM, Virtual SOC, SIG, and SEG functions to respond to active security threats.
• Drive agency-wide security uplift initiatives, including IRAP assessments, Essential Eight maturity, and security compliance programs.
• Oversee incident response capability, ensuring effective identification, containment, reporting, and remediation of security incidents.
• Lead and coordinate cross-agency collaboration with internal branches (e.g. CTO, Digital Sourcing branch) and external stakeholders to strengthen security posture.
• Oversee procurement and assurance activities for cyber security services (e.g. penetration testing, IRAP, managed security services).
• Ensure strong governance, audit readiness, and evidence-based reporting for internal audit, external audit, and regulatory obligations.
• Provide leadership to multidisciplinary teams, fostering a high-performance culture focused on risk management, innovation, and continuous improvement.
• This role involves the management, development, and supervision of staff within the agency’s cyber security team.

Please note: This role may require interstate travel from time to time.

To be eligible for employment with the DTA applicants must be an Australian citizen.