Security Assurance Manager

Add expected salary to your profile for insights

About the role

We are seeking a highly experienced Security Assurance Manager to join our team at .au Domain Administration (auDA).

The Security Assurance Manager plays a critical role in strengthening auDA's cybersecurity posture and ensuring the ongoing resilience of our information assets, services and the .au domain supply chain. This position is responsible for developing, implementing, and overseeing robust security assurance frameworks, policies, and procedures.

What you'll be doing

Security Assurance

Developing and maintaining auDA's security assurance framework, policies, standards and processes in line with relevant regulations and industry best practices (e.g. ISO 27001, NIST, Essential 8)

Managing and overseeing a Security Assurance Program, engaging with the key stakeholders across the .au Domain Name System supply chain and conducting ongoing security assurance activities.

Performing security outreach and education activities to support improved security assurance outcomes both internally within auDA and across the .au domain supply chain.

Conducting regular security risk assessments, identifying vulnerabilities, and recommending appropriate mitigation strategies to reduce auDA's risk exposure.

Assessing, monitoring and managing auDA's supply chain security risks, including vendor third-party risks, and security risks across the whole .au domain supply chain.

Reviewing contracts to ensure any security risks are highlighted, raised and appropriately managed.

Leading a team of security professionals and cultivating a strong security-focused culture

Compliance

Supporting internal and external security audit activity to ensure compliance with security policies, regulatory requirements, international standards, and contractual obligations.

Driving the continuous improvement of security controls and processes through performance monitoring, incident reviews, and emerging threat analysis.

Monitoring changes to the regulatory, standards and contractual obligations compliance landscape to ensure new or emerging obligations are captured and addressed by auDA.

What we're looking for

A minimum of 5 years' experience in a dedicated Security assurance role and at least 10 years of experience in technology or security related roles.

Demonstrated expertise in developing, implementing, and managing security assurance frameworks, policies, and standards.

Demonstrated experience conducting security assurance activities in line with industry standards including: ISO27001, NIST CSF, NIST 800.53, ACSC's Essential 8, ASD Information Security Manual.

Proven experience in conducting comprehensive security risk assessments, vulnerability identification, and recommending effective mitigation strategies.

Strong background in supporting internal and external security audits, with a focus on compliance and continuous improvement.

Ability to drive and implement improvements in security controls and processes, utilising performance monitoring and threat analysis.

Strong analytical and problem-solving abilities, with a proactive and detail-oriented approach to information security.

Excellent communication and interpersonal skills, with the ability to provide expert security advice and guidance to diverse stakeholders.

A degree in a technology or security related field is advantageous.

Background in a regulated industry, such as financial services or critical infrastructure, is advantageous

What we offer

At .au Domain Administration Ltd., we are committed to providing a supportive and rewarding work environment. As a member of our team, you will have access to a range of benefits, including:

• Competitive salary and salary packaging

• Flexible working arrangements

• Ongoing professional development and training opportunities

• Comprehensive wellbeing programs

• An inclusive and collaborative culture that values your contributions

About us

.au Domain Administration (auDA) is the administrator of the .au domain name system (DNS), which is Australian critical infrastructure relied on by internet users in Australia and around the world. We are a not-for-profit endorsed by the Federal Government.

Our purpose is to administer a trusted .au domain for the benefit of all Australians and champion an open, free, secure and global internet.

To get started, simply click on Apply button and submit your up to date resume and cover letter.

Applications close at 5PM, Wed 20 August 2025.

Salary match Number of applicants Skills match

Your application will include the following questions:Which of the following statements best describes your right to work in Australia? How many years' experience do you have as an Assurance Manager?

Cyber Security Assurance & Reporting Specialist