Head of Information Security

Grow with an organisation dedicated to helping Australians improve their health.
- Leadership role with strong team management and effective security governance.
- Hybrid working (2 days) in our Haymarket office, near Central station.

**About us**

At Healthdirect Australia we work with purpose and dedication to help Australians actively manage and improve their health.

Our virtual services are easily accessible via multiple channels, including helplines, video call solutions and websites and cater for Australians at all stages of life. No matter where people live, or what time of the day or night it is, they can use our services to talk to a health professional, find trusted information and advice online and locate their closest health service.

**About the opportunity**

As Healthdirect’s Head of Information Security, you will join our Platform and Technology Division in a collaborative and supportive environment. You will play a pivotal role in enhancing, operating and maintaining Healthdirect Australia’s security governance and practices, ensuring a consistent approach across the organisation and its initiatives.

This leadership role is distinguished by strong team management and effective security governance, demonstrating expertise in developing practical, business-aligned security policies and procedures, along with a proven ability to deliver comprehensive security programs of work.

The Head of Information Security is responsible for overseeing the security team and operations, including the SOC (Security Operations Centre) ensuring the adherence to best practices in delivering Healthdirect's services.

Key Responsibilities:

- Provide strategic leadership and foster a high-performing, collaborative security team.
- Develop and execute enterprise-wide security strategies aligned with business goals and compliance needs.
- Establish and maintain effective security governance, policies, and performance metrics.
- Drive continuous improvement, risk assessments, and security awareness initiatives.
- Integrate security best practices across projects and technology operations.
- Ensure vendor and third-party compliance with security standards and contracts.
- Advise stakeholders on security risks, trends, and solutions to support informed decision-making.

**You can contribute through**:
We’re looking for an experienced, strategic, and technically adept leader with hands-on security experience and a proven track record in building and managing high-performing security teams. You will have strong leadership, communication, and stakeholder engagement skills with a customer-centric security mindset.
- 10+ years’ experience in technical security, including 7+ in diverse tech/business environments.
- Expertise in cloud security (AWS, Azure), Microsoft technologies, and full system lifecycle management.
- Deep knowledge of cybersecurity frameworks (ISO27001, NIST, CPS234, PSPF, ISM).
- Demonstrated success in leading security programs aligned with business goals and risk appetite.
- Skilled in governance, compliance, audits, KPIs, and budget/risk management.

**Why work with us**

We believe our strength comes from our talented and dedicated staff. We are committed to working together to create a culture where you can bring your whole self to work.

Our benefits include:

- Flexible work arrangements (2 days per week in office, pro-rated for part time employees);
- 14 weeks company Paid Parental Leave for both parents;
- Multi-dimensional wellbeing program that is run by our people for our people;
- Individual curated learner journeys to support you to expand your capabilities and unlock your talent.

To find out more about Healthdirect, and our vision for a healthier Australia, please visit our website - about.healthdirect.gov.au

As an Equal Opportunity Employer, we respect and seek to empower each individual and support the diverse cultures, perspectives, skills, and experiences within our workforce.