Portfolio Security Advisor

Job Description

Applications close Monday 17 March 2025 at 11.59PM Overview Work type: Ongoing - Full Time Salary: $134,593 - $180,115 Grade: VPSG6 Occupation: IT and Telecommunications Location: CBD Reference: 6783About the Role The Portfolio Security Advisor is a position that sits within Information Security Team and is responsible for helping business teams and projects understand their information security risks, identify treatments to manage those risks and comply with DTP's and VPDSS Information Security standards and policies. The role is a key function that will contribute to the improving the maturity of the organisation's cybersecurity resilience.The scope of the role will primarily focus on internal DTP divisions and business units, but it will also include engaging more broadly across the Victorian government Transport Portfolio to drive consistent maturity improvements and assurance across agencies, operators, and partners.The Portfolio Security Advisor will also act as a gateway for project teams and business units to access and leverage centralised enterprise security capabilities such as security testing and incident management. We are seeking a skilled professional with strong expertise in partnership building, problem-solving, stakeholder management, and digital literacy. The ideal candidate will demonstrate resilience, outcome-driven thinking, and collaborative leadership to drive impactful solutions and foster effective relationships. Position Outcomes / Accountabilities Compliance Leadership – Provide expert advice that ensures business teams comply with OVIC and DTP’s standards to limit potential for data breaches or security incidents and limited or no adverse audit findings. Risk Management – Within the allocated portfolio group, information security risks have been identified, with treatment plans developed and implemented to ensure the business operates within the DTP risk appetite. Security Maturity – The advisor has provided innovative leadership in driving the transport portfolio’s progress to achieve security maturity targets as described in the PDSP and other security frameworks in use. Stakeholder Engagement – Stakeholders perceive a supportive partnership approach that leverages their understanding of the business needs to identify pragmatic, yet compliant controls that provide data protection and operational resilience. Promote and support safe, inclusive, and flexible team operations. Qualifications and Experience Mandatory • Substantial cybersecurity experience in policy, consulting, risk management or solution delivery roles.• Working knowledge of relevant risk management frameworks and information risk assessments.• Knowledge of, and practical experience working with security frameworks such as VPDSF, ISM, Essential 8, NIST CSF or ISO 27001. Desirable • Degree or diploma in a relevant field.• Security certification such as CISSP, CISM or CISA.• Knowledge of OVIC security guidance and practices, such as VPDSS, PDSP and SSP.• Understanding of, or experience with OT security controls.• Ability to obtain an AGVSA Security Clearance to NV-1 level. What we offer Meaningful work making Victorian communities more accessible and liveable. Professional growth and development opportunities across the department and the wider Victorian Public Services. A hybrid working model focused on collaboration and teamwork. Optimal work-life balance initiatives including flexible working arrangements. Opportunity to work across multiple urban and suburban hubs. We prioritise the development of a safe and inclusive culture. Culture Value We are an equal opportunity employer, embracing a diverse range of applicants such as veterans, and people who identify as Aboriginal and/or Torres Strait Islander, LGBTQIA community members, individuals with disabilities and/or health conditions, as well as those from varied faith and cultural backgrounds. At our department, we prioritize the development of a safe, inclusive, and high-performance culture through shared actions and behaviours that align with our strategy and direction. This empowers our employees to effectively contribute to our goals. How to Apply Click the ‘Apply ’ button and you'll be redirected to a new platform and create an account. If you have any issues,click here for Quick Reference Guide on how to apply. Applications close9pm on Monday, 17th of March 2025 . Please include a resume and cover letter. All applications must be submitted through the online portal. We’re unable to consider email or manual applications at this time. For further information about the role please contactGreg Adamson, Portfolio Chief Information Security Officer via Preferred applicants may be required to complete a police check and may be subject to other pre-employment checks. Information provided to the Department of Transport and Planning will be treated in the strictest confidence. Please let us know by phone or email if you need any adjustments to fully participate in the recruitment process. If you require the ad or any attachments in an accessible format (e.g., large print) due to viewing difficulties or other accessibility needs, we are happy to accommodate. #J-18808-Ljbffr