
Principal Security Policy and Governance
2 days ago
Principal Security Policy and Governance, Ongoing opportunity based in Sydney CBD + hybrid/flexible working options available
The Department of Customer Service (DCS) is looking for a Principal Security
Policy and Governance to design, develop, implement, and
maintain department-wide security and governance policies, frameworks, and
standards- in line with the NSW Cyber Security Policy and NSW government cyber
security standard, DCS CISO strategy and changing threat landscape. This role
provides expert guidance, supports governance and audit requirements for policy
review, and strengthens policy maturity, without direct supervisory
responsibilities.
Benefits
- Salary Range $149,739 - $173,174+ 12% super, commensurate with experience
- Excellent leave entitlements and flexible working options
- Based from our office in Sydney CBD + hybrid working options available
About Us:
DCS is transforming the way NSW Government agencies interact
with customers. We are passionate about putting the customer at the centre of
everything we do and adopting new technologies to make government work better.
DCS is a service provider and regulator, focusing on delivering
first-class customer service, digital transformation and
regulatory reform to create better outcomes for the people of NSW.
The Governance, Risk and Compliance (GRC) team is a key function
within the Cyber and Information Security Office (CISO). The Security Policy
and Governance team develops and governs the cyber security policies,
frameworks, and standards that guide DCS and its agencies, ensuring compliance
with the NSW Cyber Security Policy and other relevant standards.
This role is pivotal in shaping security policy across DCS,
aligning with the DCS CISO strategy, responding to the changing cyber threat
landscape, and supporting agencies to strengthen their governance and
compliance maturity.
What You Will Be Doing
Are you ready to make a real impact on cyber security policy in
NSW? We're searching for a driven and passionate professional to take on a
pivotal role championing security policy, compliance, and risk management
initiatives.
Here's what you'll do:
- Policy Development: Create and maintain practical, effective security policies that empower DCS agencies and stakeholders. Your work will directly align with best-in-class standards like the NSW Cyber Security Policy, ISO 27001, NIST CSF, and CIS Controls.
- Policy Uplift: Take the reins on policy design, review, and uplift—ensuring our security approach remains strategic, forward-thinking, and resilient against evolving threats.
- Stakeholder Engagement: Engage with diverse internal and external stakeholders, guiding outcomes and driving a culture of robust security governance, no matter where the conversation takes place.
- Governance Support: Partner across agencies to assess policy gaps, strengthen compliance maturity, and deliver compelling policy briefings to senior leaders, committees, and suppliers.
- Compliance Support: Support self-assessments, audits, annual attestations, and regulatory reporting to ensure governance and assurance obligations are met.
- Simplifying Requirements: Translate technical and regulatory requirements into clear, actionable policy guidance that empowers everyone to do their best work securely.
- Model Professionalism: Bring a customer-first mindset, a strong sense of initiative, and a collaborative spirit to solve complex governance challenges as part of a high-performing team.
- Share and Grow: Actively contribute your expertise, support continuous learning within the team, and help raise the bar for governance and policy development across the board.
- Stay Ahead of the Curve: Stay informed on the latest cyber threats, industry standards, and regulatory changes, and use that knowledge to keep our security policies and processes at the leading edge.
If you're ready to champion positive change and thrive in a
dynamic, future-focused environment, we'd love to hear from you
About you:
To be successful in this role, you will be an experienced
security governance and policy specialist who is passionate about creating
clear, actionable, and strategic security policies. You will have a deep
understanding of government policy requirements and the ability to translate
complex security obligations into practical, effective guidance.
You are comfortable consulting with a wide range of
stakeholders, from senior executives to technical teams - and providing expert
advice on policy interpretation, compliance, and uplift activities. You thrive
in a collaborative environment, can quickly adapt to changing priorities, and
are driven to ensure policies remain relevant and effective in addressing
emerging security risks.
- 10+ years' experience in cyber security, ICT, governance, compliance, or cyber risk management within government or a highly regulated environment is a must.
- Strong writing skills with the ability to produce clear, concise, and actionable policy and governance documents.
- Proven stakeholder engagement and consultation experience across senior leadership, agencies, governance committees, and suppliers.
- Deep knowledge of governance frameworks (NSW Cyber Security Policy, ISO 27001, NIST CSF, CIS18) and public sector policy development processes.
- Experience in designing, reviewing, and uplifting security policies aligned with strategic objectives and evolving threats.
- Familiarity with compliance activities such as self-assessments, audits, attestations, and regulatory reporting.
- Ability to translate complex technical/regulatory requirements into practical, easy-to-understand policies.
- Knowledge of risk management, governance, and assurance frameworks will be highly regarded.
If you want to be part of this forward thinking, innovative team that thrive in challenging the status quo, we would love to hear from you
What we need from you:
To start your journey towards joining our team, please click on the link below and attach your resume (max 5 pages) and cover letter (max 2 pages).
A talent pool may be created from this recruitment process to fill future ongoing and temporary opportunities
Salary Grade 11/12, with the base salary for this role starting
at $149,739 base plus superannuation
Click Here to access the Role Description. For enquiries relating to recruitment please
contact Nicole Turner via
Visit the
Capability Application Tool to prepare for the recruitment process by accessing
practice application and interview questions based on the focus capabilities
listed in the role description.
Closing Date: 10am Wednesday 8th October
Careers at Department of Customer Service
A career at the Department of Customer Service (DCS) gives
you the opportunity to help improve government services and be part of reform that
benefits people across NSW. We are
focused on delivering excellent customer service, digital transformation, and
regulatory reform. Come join us and influence the future of our great state.
Belong in our diverse and inclusive
workplace
The
strength of our workforce lies in its diversity and embracing difference, while
the key to our success is leveraging the contributions of employees with
different backgrounds and perspectives.
You can view our full diversity and inclusion statement here.
We want you to bring your best self to this application process. If you have any support or access needs that may
require adjustments to allow you to fully participate in this selection process
(including an alternate format of the application form) please contact or
For more information, please visit
Information on some of the different types of disabilities
Information on adjustments available for the recruitment process
-
Principal Security Policy and Governance
2 days ago
Sydney, New South Wales, Australia NSW Government Full time $120,000 - $180,000 per yearPrincipal Security Policy and Governance, Ongoing opportunity based in Sydney CBD + hybrid/flexible working options availableThe Department of Customer Service (DCS) is looking for a Principal Security Policy and Governance to design, develop, implement, and maintain department-wide security and governance policies, frameworks, and standards- in line with...
-
Principal Security Policy and Governance
2 days ago
Sydney, New South Wales, Australia NSW Department of Customer Service Full time $149,739 - $173,174 per yearPrincipal Security Policy and Governance, Ongoing opportunity based in Sydney CBD + hybrid/flexible working options available The Department of Customer Service (DCS) is looking for a Principal Security Policy and Governance to design, develop, implement, and maintain department-wide security and governance policies, frameworks, and standards- in line with...
-
Principal Strategy Lead
1 week ago
Sydney, New South Wales, Australia Hays | Policy & Strategy Full time $80,000 - $100,000 per yearPrincipal Strategy Lead Your new companyThis organisation is an independent statutory body at the heart of the public sector, responsible for delivering trusted and transparent systems, processes, and oversight that underpin democratic processes in New South Wales. Their mission is to maintain public confidence in the integrity of elections and make...
-
Principal Governance
4 weeks ago
Sydney, New South Wales, Australia Buscojobs Full timeEligibility Open to Everyone Department for Health and Wellbeing – Commissioning & Performance – Data, Analytics and Insights (DAI)Salary: $108,109 to $116,864 – ASO7 – Full Time / Term Contract up to 2 Years Overview: The Principal Governance & Metadata Officer is primarily responsible for the implementation and ongoing facilitation, coordination,...
-
Data Governance, Principal Analyst
4 weeks ago
Sydney, New South Wales, Australia Australian Prudential Regulation Authority Full timeData Governance, Principal Analyst (2-year fixed term)APRA is seeking a Principal Analyst - Data Governance to join the team on a 2-year fixed term and will be responsible for embedding uplifted data governance policies, standards, and procedures as well as uplifting measurement and monitoring.The role will work closely with data domain leads, data,...
-
Principal Security Engineer, AWS Security
4 weeks ago
Sydney, New South Wales, Australia Amazon Web Services (AWS) Full timePrincipal Security Engineer, AWS SecurityJoin to apply for the Principal Security Engineer, AWS Security role at Amazon Web Services (AWS)Principal Security Engineer, AWS SecurityJoin to apply for the Principal Security Engineer, AWS Security role at Amazon Web Services (AWS)DescriptionThis position can also be based in Sydney, Australia.DescriptionThis...
-
Security Governance Analyst
2 weeks ago
Sydney, New South Wales, Australia NSW Department of Climate Change, Energy, the Environment and Water Full timeJoin to apply for the Security Governance Analyst role at NSW Department of Climate Change, Energy, the Environment and WaterJoin to apply for the Security Governance Analyst role at NSW Department of Climate Change, Energy, the Environment and WaterGet AI-powered advice on this job and more exclusive features.Do you want your work to make a difference for...
-
Security Governance Analyst
4 weeks ago
Sydney, New South Wales, Australia NSW Department of Climate Change, Energy, the Environment and Water Full timeJoin to apply for the Security Governance Analyst role at NSW Department of Climate Change, Energy, the Environment and WaterJoin to apply for the Security Governance Analyst role at NSW Department of Climate Change, Energy, the Environment and WaterGet AI-powered advice on this job and more exclusive features.Do you want your work to make a difference for...
-
Principal Policy Officer
4 weeks ago
Sydney, New South Wales, Australia NSW Government Full timePrincipal Policy OfficerBring your economic policy analysis and systems thinking skills to Insurance Monitor to make an impact for the people of NSWBe part of transformational projects which drive better insurance outcomes for the futureAdvance your career working with a highly skilled and motivated team in a small, independent agencyCentral Sydney location,...
-
Security Policy
4 weeks ago
Sydney, New South Wales, Australia PhoenixDX Full timeAs a modern, forward-looking business, PhoenixDX recognises at senior levels the need to ensure that its business operates smoothly and without interruption for the benefit of its customers, shareholders and other stakeholders.In order to provide such a level of continuous operation, PhoenixDX has implemented an Information Security Management System (ISMS)...