Principal Security Policy and Governance

2 days ago


Sydney, New South Wales, Australia myCareer - NSW Government Full time $149,739 - $173,174

Principal Security Policy and Governance, Ongoing opportunity based in Sydney CBD + hybrid/flexible working options available

 The Department of Customer Service (DCS) is looking for a Principal Security
Policy and Governance to design, develop, implement, and
maintain department-wide security and governance policies, frameworks, and
standards- in line with the NSW Cyber Security Policy and NSW government cyber
security standard, DCS CISO strategy and changing threat landscape. This role
provides expert guidance, supports governance and audit requirements for policy
review, and strengthens policy maturity, without direct supervisory
responsibilities.

 Benefits

  •  Salary Range $149,739 - $173,174+ 12% super, commensurate with experience
  •  Excellent leave entitlements and flexible working options
  •  Based from our office in Sydney CBD + hybrid working options available

 About Us:

 DCS is transforming the way NSW Government agencies interact
with customers. We are passionate about putting the customer at the centre of
everything we do and adopting new technologies to make government work better. 

 DCS is a service provider and regulator, focusing on delivering
first-class customer service, digital transformation and
regulatory reform to create better outcomes for the people of NSW.  

 The Governance, Risk and Compliance (GRC) team is a key function
within the Cyber and Information Security Office (CISO). The Security Policy
and Governance team develops and governs the cyber security policies,
frameworks, and standards that guide DCS and its agencies, ensuring compliance
with the NSW Cyber Security Policy and other relevant standards.

 This role is pivotal in shaping security policy across DCS,
aligning with the DCS CISO strategy, responding to the changing cyber threat
landscape, and supporting agencies to strengthen their governance and
compliance maturity.

 What You Will Be Doing

 Are you ready to make a real impact on cyber security policy in
NSW? We're searching for a driven and passionate professional to take on a
pivotal role championing security policy, compliance, and risk management
initiatives.

 Here's what you'll do:

  •  Policy Development: Create and maintain practical, effective security policies that empower DCS agencies and stakeholders. Your work will directly align with best-in-class standards like the NSW Cyber Security Policy, ISO 27001, NIST CSF, and CIS Controls.
  •  Policy Uplift: Take the reins on policy design, review, and uplift—ensuring our security approach remains strategic, forward-thinking, and resilient against evolving threats.
  •  Stakeholder Engagement: Engage with diverse internal and external stakeholders, guiding outcomes and driving a culture of robust security governance, no matter where the conversation takes place.
  •  Governance Support: Partner across agencies to assess policy gaps, strengthen compliance maturity, and deliver compelling policy briefings to senior leaders, committees, and suppliers.
  •  Compliance Support: Support self-assessments, audits, annual attestations, and regulatory reporting to ensure governance and assurance obligations are met.
  •  Simplifying Requirements: Translate technical and regulatory requirements into clear, actionable policy guidance that empowers everyone to do their best work securely.
  •  Model Professionalism: Bring a customer-first mindset, a strong sense of initiative, and a collaborative spirit to solve complex governance challenges as part of a high-performing team.
  •  Share and Grow: Actively contribute your expertise, support continuous learning within the team, and help raise the bar for governance and policy development across the board.
  •  Stay Ahead of the Curve: Stay informed on the latest cyber threats, industry standards, and regulatory changes, and use that knowledge to keep our security policies and processes at the leading edge.

 If you're ready to champion positive change and thrive in a
dynamic, future-focused environment, we'd love to hear from you

 About you:

 To be successful in this role, you will be an experienced
security governance and policy specialist who is passionate about creating
clear, actionable, and strategic security policies. You will have a deep
understanding of government policy requirements and the ability to translate
complex security obligations into practical, effective guidance.

 You are comfortable consulting with a wide range of
stakeholders, from senior executives to technical teams - and providing expert
advice on policy interpretation, compliance, and uplift activities. You thrive
in a collaborative environment, can quickly adapt to changing priorities, and
are driven to ensure policies remain relevant and effective in addressing
emerging security risks.

  •  10+ years' experience in cyber security, ICT, governance, compliance, or cyber risk management within government or a highly regulated environment is a must.
  •  Strong writing skills with the ability to produce clear, concise, and actionable policy and governance documents.
  •  Proven stakeholder engagement and consultation experience across senior leadership, agencies, governance committees, and suppliers.
  •  Deep knowledge of governance frameworks (NSW Cyber Security Policy, ISO 27001, NIST CSF, CIS18) and public sector policy development processes.
  •  Experience in designing, reviewing, and uplifting security policies aligned with strategic objectives and evolving threats.
  •  Familiarity with compliance activities such as self-assessments, audits, attestations, and regulatory reporting.
  •  Ability to translate complex technical/regulatory requirements into practical, easy-to-understand policies.
  •  Knowledge of risk management, governance, and assurance frameworks will be highly regarded.

 If you want to be part of this forward thinking, innovative team that thrive in challenging the status quo, we would love to hear from you 

 What we need from you:  

 To start your journey towards joining our team, please click on the link below and attach your resume (max 5 pages) and cover letter (max 2 pages).

 A talent pool may be created from this recruitment process to fill future ongoing and temporary opportunities

Salary Grade 11/12, with the base salary for this role starting
at $149,739 base plus superannuation

Click Here to access the Role Description. For enquiries relating to recruitment please
contact Nicole Turner via

Visit the
Capability Application Tool to prepare for the recruitment process by accessing
practice application and interview questions based on the focus capabilities
listed in the role description.

Closing Date: 10am Wednesday 8th October

Careers at Department of Customer Service
A career at the Department of Customer Service (DCS) gives
you the opportunity to help improve government services and be part of reform that
benefits people across NSW.  We are
focused on delivering excellent customer service, digital transformation, and
regulatory reform. Come join us and influence the future of our great state.

Belong in our diverse and inclusive
workplace   

The
strength of our workforce lies in its diversity and embracing difference, while
the key to our success is leveraging the contributions of employees with
different backgrounds and perspectives.

You can view our full diversity and inclusion statement here.

We want you to bring your best self to this application process. If you have any support or access needs that may
require adjustments to allow you to fully participate in this selection process
(including an alternate format of the application form) please contact or

For more information, please visit

Information on some of the different types of disabilities

Information on adjustments available for the recruitment process



  • Sydney, New South Wales, Australia NSW Government Full time $120,000 - $180,000 per year

    Principal Security Policy and Governance, Ongoing opportunity based in Sydney CBD + hybrid/flexible working options availableThe Department of Customer Service (DCS) is looking for a Principal Security Policy and Governance to design, develop, implement, and maintain department-wide security and governance policies, frameworks, and standards- in line with...


  • Sydney, New South Wales, Australia NSW Department of Customer Service Full time $149,739 - $173,174 per year

    Principal Security Policy and Governance, Ongoing opportunity based in Sydney CBD + hybrid/flexible working options available The Department of Customer Service (DCS) is looking for a Principal Security Policy and Governance to design, develop, implement, and maintain department-wide security and governance policies, frameworks, and standards- in line with...


  • Sydney, New South Wales, Australia Hays | Policy & Strategy Full time $80,000 - $100,000 per year

    Principal Strategy Lead Your new companyThis organisation is an independent statutory body at the heart of the public sector, responsible for delivering trusted and transparent systems, processes, and oversight that underpin democratic processes in New South Wales. Their mission is to maintain public confidence in the integrity of elections and make...

  • Principal Governance

    4 weeks ago


    Sydney, New South Wales, Australia Buscojobs Full time

    Eligibility Open to Everyone Department for Health and Wellbeing – Commissioning & Performance – Data, Analytics and Insights (DAI)Salary: $108,109 to $116,864 – ASO7 – Full Time / Term Contract up to 2 Years Overview: The Principal Governance & Metadata Officer is primarily responsible for the implementation and ongoing facilitation, coordination,...


  • Sydney, New South Wales, Australia Australian Prudential Regulation Authority Full time

    Data Governance, Principal Analyst (2-year fixed term)APRA is seeking a Principal Analyst - Data Governance to join the team on a 2-year fixed term and will be responsible for embedding uplifted data governance policies, standards, and procedures as well as uplifting measurement and monitoring.The role will work closely with data domain leads, data,...


  • Sydney, New South Wales, Australia Amazon Web Services (AWS) Full time

    Principal Security Engineer, AWS SecurityJoin to apply for the Principal Security Engineer, AWS Security role at Amazon Web Services (AWS)Principal Security Engineer, AWS SecurityJoin to apply for the Principal Security Engineer, AWS Security role at Amazon Web Services (AWS)DescriptionThis position can also be based in Sydney, Australia.DescriptionThis...


  • Sydney, New South Wales, Australia NSW Department of Climate Change, Energy, the Environment and Water Full time

    Join to apply for the Security Governance Analyst role at NSW Department of Climate Change, Energy, the Environment and WaterJoin to apply for the Security Governance Analyst role at NSW Department of Climate Change, Energy, the Environment and WaterGet AI-powered advice on this job and more exclusive features.Do you want your work to make a difference for...


  • Sydney, New South Wales, Australia NSW Department of Climate Change, Energy, the Environment and Water Full time

    Join to apply for the Security Governance Analyst role at NSW Department of Climate Change, Energy, the Environment and WaterJoin to apply for the Security Governance Analyst role at NSW Department of Climate Change, Energy, the Environment and WaterGet AI-powered advice on this job and more exclusive features.Do you want your work to make a difference for...


  • Sydney, New South Wales, Australia NSW Government Full time

    Principal Policy OfficerBring your economic policy analysis and systems thinking skills to Insurance Monitor to make an impact for the people of NSWBe part of transformational projects which drive better insurance outcomes for the futureAdvance your career working with a highly skilled and motivated team in a small, independent agencyCentral Sydney location,...

  • Security Policy

    4 weeks ago


    Sydney, New South Wales, Australia PhoenixDX Full time

    As a modern, forward-looking business, PhoenixDX recognises at senior levels the need to ensure that its business operates smoothly and without interruption for the benefit of its customers, shareholders and other stakeholders.In order to provide such a level of continuous operation, PhoenixDX has implemented an Information Security Management System (ISMS)...