Cyber Security Manager

About WorkCover Queensland

At WorkCover Queensland our vision is to be the best worker's compensation insurer, to make a positive difference to people's lives and to keep Queenslanders working. Our flexible work environment allows you to be your best every day and contribute to the big picture.

Our organisation is made up of individuals who collaborate and seek to engage others, working together as One Team. We embrace diversity and value people who bring personal energy and authenticity to everything they do. If you're someone with a strong values-oriented compass and you want to achieve sustainable outcomes, you will find a great community at WorkCover.

About the Opportunity: Cyber Security Manager - Protect

WorkCover is entering a new chapter under its 2030 Strategy, guided by renewed strategic focus and strong executive leadership. Reporting to the Chief Information Security Officer (CISO) and as part of the CISO Group Leadership Team, you will lead the Protect function, delivering measurable security maturity improvements.

You will safeguard our systems, data, and people through proactive risk management, innovative security solutions, and robust protective measures. Your work will strengthen safeguards across people, processes, and technology, embedding security practices that enhance organisational resilience.

This is a leadership role driving security improvements through cross-functional collaboration. You will champion a security-conscious culture, advise senior leaders, and represent WorkCover in sector and industry forums, influencing security practices across the industry.

In this role, you will:

• Leading the Protect function to deliver the cyber security strategy and roadmap in line with corporate priorities.
• Strengthening safeguards and resilience through the systematic application of security controls, aligned with NIST, ISO/IEC 27001, and Essential 8 requirements.
• Identifying, implementing, and measuring technical solutions that improve security protection.
• Developing strategies, policies, standards, and roadmaps in partnership with business leaders and external partners.
• Mentoring and developing cyber talent, building strong stakeholder relationships, and fostering a culture of professional growth and excellence.
• Managing risk, conducting incident reviews, embedding lessons learned, and ensuring budgets and vendor relationships deliver sustainable outcomes.

A bit about you

You are a high-calibre cyber security leader with strong GRC and technical foundations, who can balance strategic vision with the ability to deliver measurable, risk-based security outcomes. You are methodical in your approach, comfortable with data-driven decision-making, and adept at mapping controls across people, process, and technology to build maturity.

You thrive in complex, fast-evolving environments and can operate without a tightly defined role scope — adapting quickly to shifting priorities while maintaining focus on long-term objectives. You combine deep technical understanding with governance expertise and the ability to influence stakeholders at all levels.

You will also bring:

• Tertiary qualifications in cyber security, IT, or a related field, plus certifications such as CISSP, CISM, or CISA.
• 10+ years' IT/cyber security experience, with ideally 5+ years in a leadership role.
• Industry experience in financial services, insurance, consulting/advisory, or a related sector is advantageous.
• Proven success delivering measurable maturity uplift and embedding technical and governance controls that align with business objectives.
• Strong leadership, influence, and negotiation skills, with the ability to work across technical teams and executive leadership.
• Deep knowledge of security frameworks (NIST 2.0, ISO/IEC 27001, ACSC Essential 8) and relevant regulatory requirements (Privacy Act, Cyber Act).
• Experience in risk assessment, incident review, and the design of technical solutions to address identified gaps.

A bit about us:
The Cyber Security team sits within our Digital and Technology Group and is built on collaboration, trust, and shared purpose. We work hard, have fun, celebrate achievements, and enjoy coming together for team lunches and shared wins. We foster continuous learning and bring energy, authenticity, and support to everything we do in an inclusive environment.

Working in a collaborative team environment within a supportive and engaged organisation, you'll enjoy a hybrid work model, access to personalised learning and development opportunities and the holistic support of our health and wellbeing program. We offer industry competitive salaries, a generous superannuation scheme (including co-contribution) and study assistance. You can find out more about our Employee Benefits by visiting Working at WorkCover Qld.

How do I apply?
Please submit your resume and a covering letter of no more than two pages, highlighting your cyber security leadership achievements, examples of how you've enhanced organisational security maturity, and how you've implemented protection strategies that delivered measurable business outcomes.
Applications close at 5pm, Tuesday 16th of September.

Pre-employment checks will be conducted on all prospective employees. This will include a Right to Work in Australia Check, Police Check, Employment History Check, Reference Check and where appropriate a Visa Check. The information provided will be treated as confidential in accordance with the Information Privacy Act 2009 (Qld).

We are committed to ensuring WorkCover reflects the diversity of the Queensland community. We welcome applications from First Nations peoples, members of the LGBTQIA+SB community, people of all ages, people who are neurodivergent, people with disability, and people from culturally and linguistically diverse backgrounds. To provide you the best experience, we can support with accommodations or adjustments at any stage of the recruitment process. Simply inform our recruitment team during your conversation with them.

Please Note: WorkCover does not accept unsolicited resumes from agencies and will not be liable for related fees. All recruitment is managed internally. Agencies must not represent or promote WorkCover roles without prior written authorisation.