Manager, Cyber Security

Cyber Security Manager The Manager, Cyber Security reports to the Chief Information Officer (CIO) within the Information Services Department (ISD). The Department spans information management and ICT services, providing reliable and secure technology environments across on-premises and cloud platforms, infrastructure, and end-user devices. The team supports all National Gallery staff wherever they work, ensuring connectivity, mobility, and security across digital platforms. As a small, collaborative team, ISD members contribute across multiple capabilities, offering exposure to IT service management, infrastructure, end-user computing, cyber security, capital projects, and strategic ICT planning. The team plays a key role in delivering Gallery-wide initiatives from concept to implementation. The Cyber Security Manager plays a critical role in safeguarding the National Gallery's digital environment, assets, and information. The position leads the Gallery's cyber security strategy, procurements, projects, and operations to ensure compliance with Australian Government and ACSC guidance, uplift Essential Eight maturity, and build organisational cyber resilience. part of a hands-on information management and technology team, the role combines strategic leadership, technical expertise, education, procurement, project delivery, and governance reporting. It works across the organisation to strengthen security culture, implement effective controls and monitoring, and advise the CIO, Executive, Audit & Risk Committee, and Council on cyber risks, incidents, and performance. The Cyber Security Manager is responsible for implementing the Cyber Security Strategy and Roadmap and fulfilling the day-to-day ICT security responsibilities expected of an Information Technology Security Advisor (ITSA). Working closely with the CIO, infrastructure and operations teams, managed service providers, and vendors, the role oversees monitoring, event analysis, remediation, and proactive technical actions to maintain a secure, resilient, and compliant ICT environment, protecting users, data, and the National Gallery's digital assets that support Australia's national collection and public mission. Key Duties Develop, implement and maintain the Gallery's Cyber Security Strategy, policies, procedures and plans, aligned to the Australian Cyber Security Centre's (ACSC) Essential Eight, Protective Security Policy Framework (PSPF), and Information Security Manual (ISM). Provide expert advice to the CIO, Executive, and Council on cyber security posture, risks, incidents, and emerging threats in the role of Information Technology Security Advisor (ITSA). Lead the delivery of activities on the National Gallery's Cyber Security Strategy and Roadmap to uplift the organisations cyber security maturity. This includes leading the Essential Eight maturity uplift program, developing roadmaps, tracking progress, and embedding controls in daily operations and project delivery. Oversee day-to-day security operations including threat detection, vulnerability management, and incident response. Support colleagues as an active member of the IT team, troubleshooting, configuring controls, monitoring logs, and maintaining secure network, endpoint and cloud environments. Lead the implementation and maintenance and/or oversight of centralised logging, endpoint protection, patching, identity management, and support backup systems to ensure resilient operations. Ensure effective cyber security risk management plans and policies for information systems are in place, monitored and updated regularly. Deliver fit for purpose cyber security education and awareness activities for staff and promote a culture of cyber safety across the National Gallery. Undertake procurements and manage service contracts for delivery of cyber security services and projects and evaluate and report on the provision of these services. Prepare clear and concise reports and briefings for the IT Governance Committee, Audit & Risk Committee, and Council on cyber maturity, incidents, and mitigation progress. #J-18808-Ljbffr