IT Cybersecurity Manager
Job description
Cyber Security Manager – Governance & Uplift (Non‑Technical)
Brand‑new role to help St Vincent De Paul (Vinnies), values‑led organisation move from “foundations in place” to consistent, business‑wide uplift. The cyber roadmap and governance structures are defined and you’ll be the facilitator who brings people together, keeps momentum, and turns plans into outcomes.
Why this role
You’re not a hands‑on security engineer or a high‑level consultant, you sit comfortably in between.
Brand‑new role to help St Vincent De Paul (Vinnies), values‑led organisation move from “foundations in place” to consistent, business‑wide uplift. The cyber roadmap and governance structures are defined and you’ll be the facilitator who brings people together, keeps momentum, and turns plans into outcomes.
Why this role
- Greenfield without the chaos: Roadmap and governance are set; audits completed and priorities agreed. You’ll focus on delivery, coordination and communication with no hands‑on engineering.
- Stakeholder engagement: Leaders and teams are engaged and collaborative. Your superpower is making the complex feel simple and actionable.
- Purpose with scale: Help protect services that support communities across Queensland while working in a genuinely positive culture that values ethics, inclusion, and impact.
- Drive delivery against an established cyber uplift roadmap, prioritising, sequencing and tracking progress across business units and vendors.
- Facilitate across IT, application integration, senior PMs, and an experienced L&D team to embed practices, uplift awareness, and land change.
- Translate frameworks, audit recommendations and risks into clear, business‑friendly actions, timelines and reporting for executives.
- Lead structured stakeholder engagement—run meetings, remove blockers, and keep everyone aligned on outcomes.
- Coordinate external security initiatives and MSP/SaaS partners; ensure accountability without micromanaging.
- Maintain lightweight governance (status, RAIDs, decision logs, KPI/MOKRs) that helps delivery, not hinders it.
- Be the “expert in the middle”: a problem‑solving facilitator who can speak with architects/engineers and executives.
- Champion alignment to organisational values, ethics, and community impact, including strong support for First Nations peoples and cultures.
You’re not a hands‑on security engineer or a high‑level consultant, you sit comfortably in between.
- 3–7+ years in cyber/GRC/security program coordination, IT risk, or adjacent delivery roles.
- Proven stakeholder engagement across large/complex organisations with multiple personas and cohorts.
- Confident translating technical concepts and audit outcomes for execs and non‑technical audiences.
- Experience coordinating multi‑vendor or outsourced environments.
- Pragmatic problem solver who can sequence work, make trade‑offs, and keep momentum.
- Customer‑aware communicator who’s comfortable leading meetings and conversations at all levels.
- Values‑aligned, ethical, and motivated by doing work that improves people’s lives.
- Hybrid ~50% (flexible). During the 6‑month probation, you’ll be in the office each workday (flexible start/finish).
- Outsourced operational model; strong internal L&D focus; growing interest in data & AI uplift.
- Supportive culture with high engagement where people enjoy working together and are up for the journey.
- Two‑stage interview process (efficient and respectful of your time).
- National Police Check (conducted by the organisation).
- Current driver licence (please disclose any points).