Information Security Manager

Avant is Australia's leading medical defence organisation with a proud heritage of protecting Australian medical professionals for over 130 years.

Avant now represents 90,000 health practitioners and medical students across every state and territory, delivering market leading products and services to meet their professional, personal and practice needs. Building on this heritage, our vision is to be the most trusted professional partner in supporting doctors throughout their lives and careers.

About the role:

The Information Security Manager will serve as the primary point of contact between the cyber security function and the business. Reporting to the CISO and working as part of our Group Information Security team, this is a new divisional role responsible for our non-regulated businesses.

You will be accountable for overseeing operational information security, ensuring the effective delivery and monitoring of technology and digital security controls. This includes applying Avant's strategic vision to information security operations in close collaboration with external service providers, internal teams, and key stakeholders. You will also be responsible for operating within the strategic information security governance framework, aligning it with Avant's overarching strategy, policies, and practices.

The key responsibilities include:

• Manage and operate the cybersecurity governance framework and systems across non-regulated businesses.
• Enhance and support cybersecurity capabilities tailored to business needs.
• Oversee cybersecurity controls across the entire cyber lifecycle (concept to operations).
• Act as a cybersecurity subject matter expert (SME) liaising with various teams.
• Monitor cyber risk trends to anticipate impacts on the business.
• Follow risk remediation processes to ensure compliance and risk mitigation.
• Raise awareness and educate stakeholders on cybersecurity to improve culture.
• Translate security risks into business-relevant terms to align with business goals.
• Engage constructively with business partners on cybersecurity issues.
• Promote ownership and accountability of cybersecurity risks within the business.
• Advise on security risks tied to critical business decisions using data and expert insight.
• To be successful in this role you will have:

Skills and experience required:

• Tertiary qualifications in a business or technology related field.
• CISSP, CISM CRISC or other equivalent cyber security qualification.
• 8+ years of experience working in security risk management, governance, and regulatory requirements related to cyber security with a specific focus on business outcomes and service delivery.
• Experience working in and leading a cross functional team would be beneficial.
• Strong evidence of professional commitment to maintain currency of Cyber Security qualifications, knowledge and skills.

We have a diverse and connected work environment where your contribution and ideas will be valued and respected and make a real difference to the lives of others. We offer a range of benefits and opportunities to enable you learn and grow in your career.

For further information, please contact Sue Allen, Talent Acquisition Business Partner on

Equal Opportunity Employer

Avant supports doctors so they can serve Australia's diverse communities. Having diversity in our workforce brings valuable perspectives and strengthens our ability to support healthcare professionals.

We therefore welcome applications from people of all backgrounds, including Aboriginal and Torres Strait Islander peoples, people from culturally diverse communities, LGBTQIA+ individuals, people with disabilities, and those with caring responsibilities.

Our inclusive workplace is somewhere everyone can succeed.

Ready to join us? If you're passionate about supporting Australia's healthcare professionals, we'd love to hear from you. If you require any adjustments during the recruitment process, please don't hesitate to contact us