Compliance Manager, PCI DSS

Help us deliver like never before

Australia Post is delivering like never before. From the vehicles that we drive, to the small businesses that make our communities thrive. We're delivering for the environment, for our communities, for our customers, and for our people. We're moving forward and we want you to come along for the ride.

About the opportunity

Reporting to the 'Head of Compliance Programs Manager', you serve as an independent adviser and subject matter expert, providing accurate, actionable, and customer-focused guidance to help Australia Post's business units effectively manage compliance risks. Through constructive engagement with senior leaders, the manager promotes strong governance and oversight, ensuring compliance objectives are achieved with precision and attention to detail.

What you'll deliver with us

You will lead compliance initiatives for Australia Post's Payment Card Industry Data Security Standards (PCI-DSS) and the Security of Critical Infrastructure Act (SOCI Act), developing frameworks that safeguard cardholder data and uphold national security. By demonstrating strong ownership and a commitment to precision, this role enhances resilience against threats, mitigates compliance and operational risks, and ensures regulatory obligations are fulfilled—contributing directly to business continuity and the organisation's reputation.

You'll also

• Develop and execute the PCI DSS compliance strategy, manage audits (including co-ordination with Qualified Security Assessors), and ensure ongoing compliance with PCI DSS requirements
• Monitor and assess internal systems, processes, and controls to ensure ongoing compliance with PCI DSS requirements
• Maintain documentation including policies, procedures, registers, and audit trails relevant to PCI DSS
• Maintain and facilitate review of the Critical Infrastructure Risk Management Program (CIRMP) and ensure compliance with the SOCI Act and relevant rules
• Ensure compliance with all relevant SOCI Rules, including those relating to business-critical data, supply chain risks, and physical and cyber security hazards
• Identify, assess, and mitigate risks impacting critical infrastructure assets, and lead cross-functional risk assessments
• Coordinate annual reporting obligations under the SOCI Act, including submission of CIRMP reports to relevant authorities

About you

• Tertiary qualifications in Information Systems, Business, Cybersecurity, Law, or any other relevant disciplines will be highly regarded
• Demonstrated experience in compliance management within regulated industries, and the ability to lead cross-functional initiatives and drive compliance culture
• Experience conducting and/or facilitating external audits and managing remediation activities
• Strong understanding of PCI DSS requirements and implementation strategies.
• Knowledge of the Security of Critical Infrastructure Act 2018 and associated regulatory frameworks
• Ability to translate complex technical requirements into practical business processes

How we'll deliver for you

• Join one of the most culturally and linguistically diverse workforces in Australia, where we're all ages, genders and come from all walks of life
• We deliver on our values of Trust, Inclusivity, Empowerment and Safety every day. They're the TIES that bind our team together
• Immerse yourself in the AP Way – where every single team member partakes in a learning module to help understand the vital role we play in delivering on our strategy and purpose

We're delivering together

At Australia Post, we acknowledge the Traditional Custodians of the land on which we operate, live and gather as employees.

We believe our business should reflect the diverse communities we operate in and are proud to be an inclusive workplace for people from all walks of life. We encourage applications from people of all ages, genders and backgrounds including Aboriginal and Torres Strait Islander peoples, People with Disability, LGBTQIA+ and Refugees. We are one of the largest organisations in Australia to successfully achieve Disability Confident Recruiter status. We are committed to providing an inclusive and barrier-free recruitment process and workplace for those living with a disability and are committed to reviewing and removing bias in our processes to create a gender-equitable recruitment experience and workplace. If you have any questions about accessibility, please contact our Diversity & Inclusion team on