Manager Privacy, Data

**Join us to make a difference for all students in NSW**

**Position details**
- Clerk Grade 11/12
- Ongoing, full-time opportunity
- Close to Wynyard station & hybrid work arrangements available

**About the role**

Are you ready to make a real impact?

NESA is hiring for multiple roles in our newly established Cybersecurity, Information Assurance, and Data Protection team, and we are looking for passionate professionals to join us.

Led by our Chief Information Security Officer, this is more than a job. It’s an opportunity to help shape how data and information security is delivered across NESA, protecting sensitive information and building trust in the services that support students, teachers, and the community.

As Manager, Privacy, Data and Governance, you will an opportunity to influence strategy, implement robust information security and data governance practices, and protect sensitive information that impacts thousands of students and teachers across the state. You will drive compliance, embed a culture of privacy and security awareness, and ensure cybersecurity is fully aligned with NESA’s business and technology objectives.

On a day-to-day basis you will:

- Provide strategic oversight of cybersecurity, privacy, and data governance, aligned with NESA’s business and technology goals.
- Foster a culture of security and privacy awareness across the organisation and embed secure practices.
- Oversee records and information governance in line with the State Records Act, GIPA Act, and retention requirements.
- Drive the adoption of enterprise data governance frameworks, including classification, stewardship, access controls, and accountability models.
- Develop and implement a cybersecurity roadmap, overseeing architecture and maturity assessments.
- Monitor and manage cyber/data risks, maintaining risk registers, conducting assessments, and reporting to executive leadership.
- Develop and sustain security and privacy policies and governance structures aligned with NSW Cyber Security Policy, ISM, ISO 27001, and privacy legislation.
- Build strong relationships with senior stakeholders, NSW government agencies and regulators to ensure compliance and best practice.
- Translate complex cybersecurity, privacy, and governance challenges into risk-based, practical advice for business leaders.
- Provide clear and regular reporting to the executive team and board-level stakeholders.
- Experience overseeing security frameworks such as ISO 27001 and Essential Eight, as well as data protection and enterprise data governance.
- Knowledge of privacy legislation, including NSW PIPA 1998, HRIPA, and the Privacy Act 1988, with involvement in managing breach notifications and privacy governance.
- Background in leading change and contributing to improvements in cybersecurity and privacy capability within complex environments.
- Senior-level experience advising executives and driving outcomes in large or complex organisations.
- Strong stakeholder engagement skills, with the ability to influence and balance competing priorities.
- Leadership skills to guide, develop and drive performance in high-performing teams.
- Strong stakeholder management expertise, with experience navigating government processes.
- Demonstrated experience at a senior level providing authoritative advice to executive leadership.

Essential Requirements
- Tertiary qualifications in a relevant discipline or equivalent professional experience.

Download the role description.

**About us**

At the NSW Education Standards Authority (NESA) we work with the NSW community to drive improvements in student achievement.

We achieve this by supporting all school sectors with high-quality syllabuses, assessment (including managing the HSC and NAPLAN), teaching standards (e.g., accrediting teachers) and school environments (including setting and monitoring school standards).

To find out more about the important work we do for NSW visit our website.

**Ready to join us?**
- This role requires leading the integration of privacy, data protection, records management and cybersecurity functions, while ensuring compliance with strict legislative and regulatory requirements. Provide an example of a time when you successfully managed a complex privacy, cybersecurity, or information governance challenge.
- This role leads and develops a team while building strong collaborative relationships across NESA, other government agencies, and external stakeholders. Describe a situation where you led a team or project to deliver a significant organisational or technology-related change.

If you need reasonable adjustments for the recruitment process and workplace, please reach out to the contact person above.

**Close date: 16 September 2025 at 11.59pm AEST**

**Important information**

**Visa sponsorship is not available for this position**. For ongoing roles, you must be an Australian or New Zealand citizen or an Australian Permanent Resident. Australian Temporary Residents m