Head of Cyber Security Risk and Governance

Head of Cyber Security Risk and Governance

An exciting leadership opportunity for a seasoned Cyber Risk and Governance expert ready to make a significant impact.

Role Title: Cyber Governance, and Risk and Oversight Lead

Are you passionate about driving transformative change in cyber governance and risk? Do you thrive in building, leading, and mentoring teams? Do you have the expertise to uplift the cyber maturity of a complex organisation?

If you're looking for a challenging and rewarding role where you can influence strategy, build a high-performing team, and engage at the executive level, this could be the perfect opportunity for you.

Company: We are partnering with a leading ASX-listed organisation that values innovation. The company has invested heavily in cyber risk management, successfully implementing multiple initiatives to enhance its security posture. As they continue to grow, there is a critical need for a robust second-line risk function, and they are seeking a Cyber Risk and Governance Lead to drive this transformation.

Role Overview: This role is ideal for an experienced professional with a strong background in cyber risk management and governance, particularly in first and second-line risk functions. Reporting directly to the CISO, you will lead the Cyber Governance and Risk team, shaping the strategic direction of cyber risk management while ensuring alignment with broader business objectives.

This role is open to anyone based out of Melbourne or Sydney, with Hybrid working arrangements available, and 3 days in-office per week.

Key Responsibilities:

• Lead and mature the cyber governance and risk function, developing comprehensive risk frameworks and governance programs across the organisation.
• Deliver measurable value, ensuring risk initiatives drive real business impact across multiple brands.
• Enhance risk metrics and reporting, providing clear, actionable insights to the board and executive leadership.
• Scope and execute complex cyber governance initiatives, ensuring feasibility and setting clear expectations.
• Drive strategic direction, ensuring cyber risk programs align with business objectives and industry best practices.
• Build and lead a high-performing team, recruiting, coaching, and mentoring professionals in cyber governance and risk.
• Engage with senior stakeholders, including the board, heads of, and cross-functional teams, to foster collaboration and strong cyber risk culture.
• Manage governance for emerging risks, including AI, M&A, and regulatory changes.
• Ensure hands-on involvement in designing and executing governance policies and controls, beyond just project oversight.

Experience Required:

• Minimum 8 years of experience in cyber risk management, governance, and technology risk.
• Strong leadership experience with demonstrated success in leading teams and driving business outcomes.
• Expertise in second-line risk functions, with a deep understanding of governance frameworks (ISO, NIST, FAIR).
• Proven ability to build confidence at board level and communicate cyber risk strategies effectively.
• Experience in complex environments, ideally spanning enterprise, security consulting, and regulated industries.
• Industry breadth is important – the right candidate should have experience beyond a single program and/or sector, with exposure to banking, finance, government, or highly regulated environments.

Why Join:

• Play a pivotal role in shaping the future of cyber governance and risk within a large Australian enterprise.
• Grow and build a new team, recruit, coach, and mentor.
• A meaningful role. Contribute to high-impact projects that drive business growth and enhance risk management capabilities.
• Gain exposure to a wide range of industries, including mergers & acquisitions and AI, in a constantly evolving environment.

Location: Melbourne or Sydney.
Hybrid WFH Flexibility: Hybrid working, 3 days in-office per week.

How to apply: Click apply or submit your CV to jasmine@decipherbureau or cwhyte@decipherbureau.com for a 100% confidential, informal conversation where your privacy will absolutely be respected.

Decipher Bureau and the clients we partner with are committed to creating a diverse environment and are proud to be equal-opportunity employers. All qualified applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.