Cyber Security Program Manager

About the role

We are seeking an experienced Cybersecurity Program Manager to lead and
deliver enterprise -wide security initiatives across our Critical Infrastructure
company. This role will oversee a portfolio of cyber programs spanning IT and
OT (Operational Technology environments. You will work closely with technology,
risk, and business stakeholders to strengthen the cyber resilience, meet
regulatory obligations, and drive secure digital transformation across the
customer organisation.

Key responsibilities

• Lead the planning, governance,
  and delivery of cybersecurity programs and projects across IT and OT
  environments.
  
• Rollout multi -year
  cybersecurity roadmap aligned to business strategy and regulatory
  requirements in the Australian energy sector.
  
• Manage program budgets,
  timelines, risks, dependencies, and vendor engagements.
  
• Establish program governance,
  reporting, and executive dashboards for senior leadership and board -level
  stakeholders.
  
• Coordinate cross -functional
  teams including, security architecture, infrastructure, cloud,
  Applications and operational technology teams.
  
• Drive implementation of
  security frameworks such as ISO 27001, NIST CSF, Essential Eight, and IEC
  62443 for industrial control systems.
  
• Lead cyber risk assessments and
  remediation programs across enterprise and operational environments.
  

Required experience & skills

• 10+ years’ experience, with at
  least 3–5 years in cyber security  program or portfolio management
  roles.
  
• Proven experience delivering
  complex cybersecurity initiatives in energy, utilities, critical
  infrastructure, or industrial environments.
  
• Understanding of both IT and OT
  security (SCADA, ICS, network segmentation, etc.)..
  
• Excellent stakeholder
  management and communication skills, including executive -level reporting.
  
• Experience in working with
  Global delivery teams.
  
• Experience managing vendors,
  managed security services, and large transformation programs.
  
• Strong risk management and
  governance capabilities.
  

Desirable qualifications

• Experience in the Australian
  energy or utilities sector.
  
• Certifications such as CISSP,
  CISM, CRISC, PMP, PRINCE2, or equivalent.
  
• Experience with regulatory
  compliance and security frameworks relevant to Australia
  
• Knowledge of cloud security
  (Azure), identity security, and zero -trust architectures.
  
• Knowledge of Australian
  regulatory and industry obligations (e.g., SOCI Act, AER/AEMO guidance,
  privacy and critical infrastructure requirements).