Cyber Security and IT Governance Lead

Our client is a major global organisation with a long history in resources, energy and investment across Australia. Their Brisbane-based Finance, Accounting and IT Division is responsible for driving business resilience through strong governance, digital transformation and financial integrity.

As part of a renewed focus on cyber resilience, they are investing heavily in uplift programs, partnering with a leading MSP for delivery and a Big Four audit firm for assurance. This is a genuine ground‑floor opportunity to shape how cyber security and governance operate across an enterprise that is building from a low‑maturity baseline toward best practice.

Reporting to the Head of IT, the Lead – Cyber Security and Governance will design, implement and embed a practical cyber resilience strategy.

The position is hands‑on and outcome driven, responsible for strengthening the organisation’s security posture under the NIST framework and ensuring SOX aligned IT General Controls are met. It combines technical delivery with business engagement, requiring someone who can communicate risk in plain language, lead through influence and guide senior stakeholders through complex issues.

You will oversee cyber initiatives across identity and access management, incident response, vulnerability management and awareness training while maintaining compliance with audit standards. The role supports approximately 60 projects over the next 18 months, ensuring each aligns with the organisation’s risk and governance objectives.

This is an ideal position for a cyber leader who enjoys building capability, working collaboratively with managed service partners and turning frameworks into measurable outcomes. This role will be an initial 12–18‑month FTC.

• Deliver cyber and governance components across multiple concurrent projects
• Lead incident response, investigation, containment and structured post‑incident communication
• Conduct risk assessments, vulnerability analysis and recommend mitigation strategies
• Develop, implement and continuously improve a comprehensive cyber resilience strategy aligned to NIST
• Manage compliance with SOX and IT General Controls, working closely with internal stakeholders and external auditors
• Coordinate and manage the performance of MSPs, vendors and consultants
• Monitor and report on cyber risk, incidents and maturity improvements to senior leadership
• Drive staff awareness and training to strengthen a culture of security
• Collaborate with business leaders to embed security by design across systems and processes

• Bachelor’s degree in information technology, Computer Science, Cyber Security or a related field
• Professional certifications such as CISSP, CISM or equivalent preferred
• 5 to 10 years’ experience in cyber security management, governance or audit roles
• Strong understanding of NIST, SOX and Australian regulatory frameworks
• Skilled in incident management, stakeholder engagement and communicating complex information clearly
• Proven ability to deliver outcomes through MSPs and external partners
• Organised, analytical and proactive, with a focus on continuous improvement and business alignment
• High integrity and discretion, with strong decision‑making and influencing ability

This is a rare opportunity to lead a full cyber uplift program within a globally recognised organisation. You will shape the roadmap, establish the right frameworks and create lasting impact across the business.

For a confidential discussion, contact Ben Griffiths at P&C Partners on 0452 214 062 or email ben.griffiths@pandcpartners.com.au.