Cyber Security Governance Risk

**TAFE SA**
**Job reference**: 673881
**Location**: 5010 - REGENCY PARK
**Job status**: Ongoing
**Eligibility**: Open to Everyone
- **Ongoing position commencing July 2025**

**- Based at TAFE SA Regency Campus with hybrid work options**
**- AS08 salary range $121,107 - $127,679 p.a. + super**
**About TAFE SA**
Awarded the Training Provider of the Year at the 2021, 2022 and 2024 SA Training Awards, TAFE SA ensures all South Australian students have access to quality education and skills training across a number of regional and metropolitan locations.

By working with TAFE SA, you’ll have the opportunity to advance your career in a diverse and inclusive organisation, while helping to deliver job-ready skills and meaningful outcomes for students across our state.

**About the role**
TAFE SA is seeking an experienced leader for the role of **Cyber Security Governance Risk & Compliance Lead**. This pivotal position is responsible for safeguarding TAFE SA’s digital assets by ensuring compliance with Federal and State cybersecurity frameworks and industry best practices. This role is essential in strengthening the organisation’s security posture through governance, risk assessment, and compliance across all aspects of TAFE SA’s operations.

The Cyber Security GRC Lead will develop and implement policies, standards, and processes that support security objectives while enabling TAFE SA to deliver on its Strategic Plan. The Cyber Security GRC Lead will identify, assess, and monitor cyber risks, ensuring effective mitigation is in place.

The Cyber Security GRC Lead works closely with teams such as IT, Governance, Procurement, and Education, they will build strong cross-functional relationships to align stakeholders and support a secure, compliant environment.

By staying ahead of emerging threats, regulatory changes, and industry trends, the Cyber Security GRC Lead fosters a culture of security awareness and ensures TAFE SA remains resilient in a dynamic threat landscape.

**Key Outcomes of this role**
- Lead and manage the strategic planning, development, implementation and evaluation of a critical program of work that ensure TAFE SA cyber security governance frameworks, risk management strategies and compliance measures are aligned with Federal and State Government requirements.
- Oversee, coordinate and conduct a range of complex and critical functions and services that deliver and maintain a full scale cyber security risk management capability, including managing significant resources, facilitating risk assessments, ensuring risk and treatment owners are aware of their responsibilities, and providing regular reports.
- Lead, direct and conduct a program of work to implement, maintain and evaluate the TAFE SA Information Security Management System, including identifying, assessing and monitoring cyber risks, ensuring appropriate mitigation strategies are in place and continuously monitored.
- Lead the planning, development, implementation and evaluation of critical projects and continuous improvement programs for TAFE SA’s Cyber Security maturity in line with Federal and State frameworks and guidelines.
- Provide expert advice and consultancy services to TAFE SA technical teams, vendors, service providers and individuals from across TAFE SA to ensure stakeholders understand and monitor the material impacts of cyber security risks.
- Provide expert advice and assistance to senior IT leaders in the review and development of cyber security governance, risk and compliance strategies, the development and tracking of key performance indicators and metrics for GRC activities, and the resolution of complex issues.
- Promote a culture of continuous improvement in cyber security by developing and maintaining collaborative working relationships to facilitate appropriate, timely, efficient and effective governance of cyber security across TAFE SA.
- Represent TAFE SA on relevant projects, committees, forums and working groups related to cyber security and related governance, compliance and risk management.

**Essential Key Selection Criteria**
- Extensive experience in leading and managing a major enterprise program of work in cyber security governance and compliance projects and services, including working with executive, management, staff, vendors and service providers in a complex and geographically dispersed environment.
- Significant experience in identifying, analysing, translating and interpreting complex cyber security governance compliance frameworks and standards, to resolve complex problems and developing appropriate methodologies, standards and documentation to formulate and implement innovative, flexible and adaptable solutions and inform decision making.
- Highly effective communication and interpersonal skills with a significant capacity to advise on and present complex cyber security governance, risk and compliance related concepts clearly and concisely and tailor insights to a diverse range of stakeholders,