Senior Cyber Security Specialist
Senior Cyber Security Specialist (Health Manager Level 4)
Strengthen cyber resilience across Australia’s largest public health system – with flexible work options and growth opportunities
- Permanent Full Time Opportunity
- Hybrid flexibility for work-life balance | Chatswood, St Leonards or Charlestown
- Attractive salary, up to $175,917 + 12% Super + 17.5% annual leave loading
Applications Close: 11:59pm, 27 May 2026
Your work matters at eHealth NSW
As the digital centre of excellence for NSW Health, we design and deliver secure, scalable technology that supports patient care across the state, helping clinicians provide better healthcare, now and into the future.
Join eHealth NSW to create real-world impact, drive meaningful outcomes and support the health of millions every day. Learn more about us at eHealth NSW
Join the Team
As a Senior Cyber Security Specialist, you will help strengthen cyber resilience across NSW Health by providing trusted advisory support on strategic initiatives, security assessments and risk decisions that protect critical systems, services and patient data. Working across clinical and corporate environments, you will influence secure design, support risk uplift and help shape practical security outcomes at scale.
In this role, you will:
- Lead cyber security advisory and consulting activities across strategic delivery initiatives, providing practical guidance that supports secure outcomes for clinical and corporate services.
- Conduct security assessments, third-party assessments and solution design reviews to identify threats, control gaps and residual risk across projects, platforms and vendors. This includes conducting cloud security assessments across major cloud platforms such as AWS, Azure and SaaS environments against established security frameworks, evaluating controls including identity governance, audit logging, threat detection and data encryption, and translating findings into prioritised remediation roadmaps that support informed business decisions and organisational risk reduction objectives.
- Contribute to the development and uplift of security architecture patterns, drawing on strong technical knowledge across application, network, operating system and identity security domains.
- Facilitate the identification and assessment of risks and controls against business objectives and core processes and support regular reviews of risk profiles based on trigger events, external factors and policy requirements.
- Manage ongoing risk treatment and remedial action plans, re-assessing risk as controls are implemented and progress is made following assessments and reviews. Ensure instances of non-compliance, control weakness or risk exposure beyond appetite are appropriately documented, transparently reported and effectively escalated to senior leadership.
- Assess, communicate and provide strategic oversight of security initiatives against frameworks such as the ASD ISM, Essential Eight, ISO 27001 and NIST, translating complex technical risk into clear, business-focused reports for senior leadership, including considerations for Azure and AWS native security controls. Provide strategic oversight of penetration testing assurance activities, including scope validation for critical systems, review of complex test findings, risk contextualisation, and endorsement of remediation and re-testing strategies for systems of institutional criticality.
View the position description here
About You
To be successful in this role, you will:
- Bring strong cyber security experience in advisory or consulting environments, with the ability to apply sound judgement across complex delivery and risk contexts.
- Demonstrate a strong understanding of security concepts across areas like security architecture, application security, network security, operating systems, identity management, zero trust principles, Operational Technology (OT) security and broader information technology environments.
- Communicate confidently with technical and non-technical stakeholders, translating complex security and technology risks into clear, business-centric insights for senior leadership.
- Understand security assessment and assurance methodologies, including third-party reviews, design reviews, penetration testing and vulnerability assessment approaches.
- Apply a strong working knowledge of frameworks and standards such as the ASD ISM, ACSC Essential Eight, ISO 27001 and NIST along with Azure and AWS cloud services and native security controls.
- Hold a relevant industry certification such as CISSP, CISM, AWS Security or Azure Security certification.
What We Offer
At eHealth NSW, our benefits are designed to provide you with flexibility, growth and support when you need it. We provide:
- Hybrid and flexible working options to support balance and productivity
- An allocated day off per month in addition to annual leave
- Salary packaging to maximise your take-home pay
- Career development and learning opportunities to help you grow
- Wellbeing initiatives like Fitness Passport to support your physical and mental health
Learn More About Us
- Find out how we hire at eHealth NSW
- Check out our diversity and inclusion commitment
How to apply
Submit your cover letter and most up-to-date resume (up to 5 pages), highlighting your relevant skills and experience.
We recognise that AI tools are increasingly being used to support resumes and applications. While we accept their use, we’re eager to understand you – your experience, motivation, and what you would bring to the role.
For questions around the role or recruitment process, including adjustments, please contact our Talent Advisor or Hiring Manager, Jitendra, and quote REQ660379.
Important information
- This recruitment may be used to establish a Talent Pool for similar roles (ongoing or temporary) that may arise over the next 18 months.
- To be eligible for this role you must have current Australian work rights (Australian citizen, permanent resident, New Zealand citizen with a current passport, or hold a valid visa with permission to work in Australia).
- For this role, 'Exempt' refers to a fixed term contract of more than 13 weeks.
- If you currently reside outside NSW, please indicate in your application whether you are willing to relocate if successful.