Head of Information Security
Cyber Strategy Leadership Role for a Trusted Australian IT Partner
About the Role:
We are seeking an experienced Head of Information Security to join our team, focusing on cyber governance, resilience, risk and client trust.
This is a senior, hands-on leadership role responsible for shaping and leading Experteq's information security strategy, governance and operational security capability. Reporting to the Chief Operating Officer, you will lead a specialist security team, advise executive and Board-level stakeholders, strengthen our security maturity, and ensure information security continues to enable trusted growth across Experteq and our clients.
This is also a commercial and service delivery role, supporting client trust, regulated industry outcomes and the continued growth of Experteq's security capability. Over time, the role may broaden in scope toward a more enterprise-wide CISO-style remit.
About Us:
Experteq is a proudly Australian-owned IT Managed Services Provider (MSP) and Professional Services Consultancy with over 30 years of experience. We deliver innovative technology solutions to more than 50 clients in the banking, finance, corporate, and government sectors nationwide, including 30% of Australia's Authorised Deposit-taking Institutions.
With a rich history and extensive experience in one of Australia's most regulated industries, our high-performing teams excel in collaborating with clients who demand the highest levels of security, compliance, and regulatory standards. We offer deep technical expertise across a comprehensive range of services, including trusted private and public cloud solutions, end-user services, and business optimisation.
What You Will Do Here:
Lead cyber strategy and security maturity: Set the direction for Experteq's information security function, strengthening governance, assurance, operational security and cyber resilience in support of business and client outcomes.
Own governance, risk and compliance: Lead information security governance, including the Information Security Council, policy framework responsibilities, control effectiveness, audit readiness and remediation activity.
Oversee assurance and regulatory frameworks: Manage compliance and audit programmes across SOC 2 Type 2, PCI DSS and other required frameworks, while supporting alignment with standards such as ISO 27001, NIST and APRA CPS 234.
Advise executives, Board Committees and clients: Prepare and present cyber risk reporting to internal forums and the Board Audit & Risk Committee, translating technical security matters into clear business, operational and commercial terms.
Strengthen incident response and operational security: Establish and maintain effective incident response capability, vulnerability management, breach investigation and remediation processes across Experteq and, where required, client environments.
Support trusted outcomes for regulated clients: Play a key role in helping Experteq maintain trusted, secure and compliant services for clients operating in highly regulated environments, including APRA-regulated organisations.
Lead and develop a high-performing team: Mentor, guide and develop Managed Security Specialists and Senior Security Specialists, ensuring capability, certifications, service quality and professional standards continue to mature.
Who You Are:
An experienced security leader: You have led information security teams in complex or regulated environments and understand how to balance security, commercial outcomes, client trust and operational delivery.
A hands-on leader: You are comfortable setting strategy while staying close to operational security, service delivery, incident response, remediation activity and team capability.
Confident at executive and Board level: You can present cyber strategy, risk, control effectiveness, incidents and remediation progress to Executive Leadership Teams, Board Committees and senior client stakeholders.
Strong across governance, risk and compliance: You bring working knowledge of frameworks such as APRA CPS 234, PCI DSS, ISO 27001, SOC 2 and NIST, and can apply them pragmatically in a business and client-service context.
Technically credible and commercially aware: You have strong information security knowledge across networking, operating systems, Microsoft 365 and Azure, application and infrastructure security, web and email security, databases, virtualisation, cryptography, firewalls, intrusion prevention systems and GRC tooling.
A trusted communicator and influencer: You can engage technical and non-technical audiences, influence enterprise-wide change, and embed security into major initiatives, transformation activity and customer-facing services.
Qualified and clearance-ready: You hold relevant qualifications in Computer Science, Information Systems, Cybersecurity or a related field. Certifications such as CISSP, CISM, GIAC or equivalent are highly desirable. You must have unrestricted permanent working rights in Australia and be willing to undergo background, police and Australian Government security clearance assessments as required.
Why You Will Love Working Here:
Hybrid & Flexible: Work 2 days in the office and 3 from home, with flexible hours that fit to the role and your life.
Prime Location: Our Sydney CBD office is right near the QVB and close to everything you need.
Culture & Community: We take our work seriously, not ourselves. Expect real collaboration, learning and shared wins.
Wellbeing & Support: Access mental health resources, confidential EAP, study leave and wellness perks that matter.
Leave Benefits: Get 12 weeks of universal parental leave plus a paid day off on your birthday.
Career Growth: Work with leading tech and industries, with clear support to grow your career.
Platform Role, Not BAU: Shape a security function that directly supports client trust, regulated industry outcomes and Experteq's future growth.
Recognition: Your contributions count. We celebrate wins, milestones and referrals with real rewards.
Diversity & Inclusion: We embrace diversity and inclusion that benefits everyone. We are proud to be an equal-opportunity employer that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment.
