Deputy CISO

Datacom works with organisations and communities across Australia and New Zealand to make a difference in people's lives and help organisations use the power of tech to innovate and grow.

The Deputy Chief Information Security Officer (DCISO) will work closely with the Group Chief Information Security Officer (CISO) to strengthen and manage Datacom's internal information security posture across the Group. The DCISO will lead efforts to safeguard Datacom's data, systems, and networks from potential security threats while ensuring compliance with relevant policies and regulations.

This position is key in driving Datacom's cybersecurity compliance, risk management, and operational governance, reporting directly to the Group CISO. You'll play an integral role in supporting Datacom's security strategy and aligning it with regulatory requirements, business objectives, and client commitments, particularly in New Zealand, Australia, and global operations.

This is a high-impact role that involves close collaboration with the New Zealand Government Communications Security Bureau (GCSB) and providing leadership for cybersecurity operations across the organization.

As the DCISO, you'll be responsible for:

• Lead the implementation and operationalization of Datacom's cybersecurity compliance programs, ensuring alignment with Australian & New Zealand legislation, Essential 8 maturity, ISO 27001, SOC 2, and other relevant frameworks.
• Manage and monitor security operations, including threat detection, incident response, and vulnerability management, ensuring minimal risk exposure to Datacom and its clients.
• Oversee daily security operations, including secure architecture, project governance, and security posture monitoring for both public and private cloud environments.

• Lead compliance efforts across ANZ and act as the primary contact point for New Zealand government cybersecurity mandates, including GCSB Information Security Manual (ISM) and Protective Security Requirements (PSR).
• Ensure that security policies, procedures, and controls are regularly reviewed and aligned with regulatory and customer expectations.
• Lead the identification, assessment, and mitigation of cybersecurity risks, covering areas such as supply chain, data governance, and application security risks.

• Act as a trusted deputy to the CISO by providing operational expertise, guidance, and execution support.
• Serve as the primary contact point for GCSB and other key stakeholders.
• Collaborate with internal teams (e.g., Security Engineering, Security Operations) to ensure consistency in security practices and the effective delivery of cybersecurity services.
• Work closely with Group Technology and other departments to ensure security integration across all organizational operations.

To be successful, you'll need:

• A minimum of 8 years of experience in cybersecurity, including at least 3 years in a leadership or managerial role.
• Proven experience in managing compliance with ISO 27001, SOC 2, Essential 8, NIST CSF, and NZ's Protective Security Requirements (PSR).
• Strong experience in managing security incidents, investigations, and vulnerability assessments.
• Proficiency in security technologies such as PAM, endpoint detection, vulnerability management, and cloud security.
• Knowledge of current and emerging cybersecurity threats and vulnerabilities.
• Familiarity with AI security governance, supply chain risks, and certificate management strategies.
• Prior experience working with government agencies or regulated industries in New Zealand is highly desirable.

• Strong knowledge of security technologies, protocols, and best practices.
• In-depth understanding of cybersecurity frameworks (e.g., NIST, ISO 27001).
• Expertise in risk management principles and practices.
• Excellent leadership and team management skills.
• Proficient in managing security audits, compliance assessments, and vendor relationships.

• Lead and mentor a multidisciplinary team of cybersecurity engineers, risk analysts, and compliance specialists.
• Foster a culture of accountability, collaboration, and continuous improvement within the team.
• Provide career development opportunities to build and expand cybersecurity expertise across Datacom.

• New Zealand citizen with a current NZSIS/GCSB security clearance (with the requirement that this is maintained throughout the role).

Datacom is one of Australia and New Zealand's largest suppliers of Information Technology professional services. We have managed to maintain a dynamic, agile, small business feel that is often diluted in larger organisations of our size. It's our people that give Datacom its unique culture and energy that you can feel from the moment you meet with us.

We care about our people and provide a range of perks such as social events, chill-out spaces, remote working, flexi-hours, and professional development courses to name a few. You'll have the opportunity to learn, develop your career, connect and bring your true self to work. You will be recognised and valued for your contributions and be able to do your work in a collegial, flat-structured environment.

We operate at the forefront of technology to help Australia and New Zealand's largest enterprise organisations explore possibilities and solve their greatest challenges, so you will never run out of interesting new challenges and opportunities.

We want Datacom to be an inclusive and welcoming workplace for everyone and take pride in the steps we have taken and continue to take to make our environment fun and friendly, and our people feel supported.