"Cyber Security Advisor"

PRIMARY DETAIL

• Annual base salary from $122,628 to $136,449 (HEW Level 8) plus 17% superannuation and annual leave loading
• Full-time, Continuing
• Macquarie University, Wallumattagal Campus, North Ryde

Shape cyber resilience through expert advisory and guide secure decision-making across Macquarie University Health!

Macquarie University Health is a trailblazer in healthcare, education and research. It is Australia's first and only fully integrated academic health sciences centre which brings together Macquarie University Hospital, Clinics and the Faculty of Medicine, Health and Human Sciences at Macquarie University.

We are hiring an enthusiastic Cyber Security Advisor/specialist within Macquarie University Health to provide dedicated, embedded security capability within this complex and high-risk operating environment. In this role, you will be the trusted voice ensuring that Macquarie University Hospital and the broader health portfolio meet growing cyber security, privacy, and regulatory obligations. You will translate complex security concepts into practical, risk-based guidance for stakeholders at all levels.

You'll work at the intersection of strategy and operations, partnering with project teams, IT leadership, and the CISO to ensure the University's digital landscape remains resilient, compliant, and secure.

If you're passionate about enabling others to make informed security decisions and want to do meaningful work within a progressive, values-driven institution, we'd love to hear from you.

About the Role

Reporting to our Chief Information Security Officer (CISO), the Cyber Security Advisor provides specialist security advisory services across Macquarie University Health. Key responsibilities include:

• Providing cyber security advisory services to programs, projects, and operational teams across Macquarie University Health, translating security requirements into clear, practical guidance for clinical and non-clinical stakeholders.
• Conducting risk and control gap assessments and delivering recommendations to ensure security is appropriately embedded in impacted ecosystems and supporting systems.
• Supporting the CISO through security consulting, including coordinating and interpreting security reviews, threat modelling, and penetration test outcomes to provide clear, risk-based advice.
• Advising on the application of technical controls aligned to the Essential Eight (up to Target Maturity Level), NIST Cyber Security Framework, and broader industry best practice.
• Providing guidance on cloud security, access management, and data protection practices, including reviewing designs and proposed configurations for risk and compliance considerations.
• Preparing security artefacts for governance and assurance, including dashboards, reports, presentations, and documentation for project, audit, and compliance reporting.
• Contributing to the review and continuous improvement of cyber security policies, procedures, and standards.
• Facilitating knowledge sharing and capability uplift through stakeholder workshops and security awareness sessions.

About You (Selection Criteria)

You are an experienced cyber security professional with a strong consulting mindset. You excel at distilling complex technical risks into clear, actionable advice and building trusted relationships with diverse stakeholders.

• Relevant degree in a related discipline (e.g., Technology) and/or equivalent knowledge, skills, and experience, with relevant certifications such as CISSP, CISM, ISO 27001 Lead Implementer, or equivalent.
• Knowledge of health-sector regulatory requirements, compliance obligations, and operational ways of working including an understanding of clinical workflows, health information governance, and the privacy and security expectations of health regulators and patients (e.g., My Health Records Act, NSQHS Standards, health-specific data handling requirements).
• Experience in cyber security roles, with consulting, advisory, or project delivery experience.
• Proven experience assessing controls against the Australian Essential Eight and NIST Cyber Security Framework.
• In-depth knowledge of cloud security principles, including the ability to review and advise on secure architectures, configurations, and integration designs.
• Demonstrated ability to conduct, interpret, and clearly communicate findings from penetration tests, threat models, and security architecture reviews.
• Familiarity with Australian regulations and frameworks such as the Privacy Act, NDB, ISO 27001, and ISM.
• Excellent interpersonal and communication (written and verbal) skills, with a demonstrated ability to engage effectively with stakeholders across varying levels of technical knowledge.
• Familiarity with CI/CD, DevSecOps, and security automation practices (in an advisory capacity). (Desirable)

How to Apply

To be considered, please apply online with your CV and a cover letter outlining how your experience aligns with the selection criteria (above).

Applications Close
27/03/2026 11:59 PM