Job Description
Who are we?
City FM Australia (City) provides world-leading facilities management and engineering solutions that ensure safe, successful, and sustainable outcomes for our partners, on time and on budget. Underpinning our core services and unique offering sits our technology platforms and initiatives, delivered through in-house Application, Programming, Testing, Development and Business Intelligence teams.
The Opportunity:
If you’re a cyber security professional who thrives on both leadership and hands-on delivery, this is your opportunity to make a real impact.
In this permanent full-time role, you’ll act as a true player-coach—leading cyber security operations while remaining close to the tools, platforms, and technologies that protect the business. You’ll take ownership of security operations, incident response, and vulnerability management, ensuring controls are effective, continuously improved, and aligned to business needs.
Working closely with infrastructure, applications, and business stakeholders, you’ll strengthen cyber resilience, reduce risk, and help embed a proactive security culture across the organisation. From responding to incidents and leading investigations through to shaping security strategy and uplifting capability, your work will directly influence how City protects and evolves its digital environment.
Key Responsibilities:
• Security Operations & Incident Response – Lead day-to-day cyber security operations, ensuring controls, alerts, and processes are effective and fit for purpose
• Vulnerability Management – Drive vulnerability assessment and remediation activities across infrastructure, cloud, and applications
• Security Tooling & Optimisation – Own and enhance security platforms including endpoint protection, SIEM, email security, and firewalls
• Incident Management & Forensics – Lead incident response, investigations, and digital forensics activities, ensuring comprehensive analysis and reporting
• Risk & Compliance Alignment – Conduct security risk assessments and support alignment to frameworks such as ISO 27001 and ISMS practices
• Strategy & Continuous Improvement – Contribute to security architecture, policies, and long-term capability uplift initiatives
• Stakeholder Engagement – Collaborate with internal teams, vendors, and business stakeholders to embed effective security practices
• Leadership & Capability Uplift – Mentor team members and build cyber security awareness across the organisation
Experience & Expertise:
Essential
• Demonstrated experience in cyber security, including security operations, incident response, and vulnerability management
• Proven experience leading or coordinating cyber security activities in a complex enterprise environment
• Strong hands-on experience across incident response, investigation, and remediation
• Experience operating within or improving security frameworks such as ISO 27001 or ISMS
• Experience managing and optimising security technologies (SIEM, endpoint, firewalls, email security, etc.)
• Strong stakeholder engagement skills with the ability to translate technical risks into business-focused outcomes
• Experience conducting security risk assessments and driving remediation activities
Desirable
• Tertiary qualification in Cyber Security, Information Technology, Computer Science, or related field
• Industry certifications such as CISSP, CISM, GIAC, SC-200, AZ-500, or equivalent
• Experience with cloud and modern security tooling environments
• Knowledge of digital forensics, disaster recovery, and investigation practices
To be considered for this role you will have / be:
• A strong balance of technical expertise and leadership capability, with the ability to operate as a hands-on cyber security lead
• A proactive, solutions-focused mindset with a passion for improving security posture and reducing risk
• The ability to work collaboratively across technical and business teams to deliver practical, effective security outcomes
What’s on offer:
• Exciting opportunity to lead and shape cyber security within a growing organisation
• Full time permanent role within a high-performing IT function
• Hybrid working model (WFH 2 days a week)
• Free onsite parking when in office
• Supportive, collaborative, and people-first culture
If you would like to be part of a growing Australian Facilities Management business, we would love to hear from you.
Please apply by sending an updated resume and cover letter. Only short-listed candidates will be contacted by phone.
City is an Equal Opportunity Employer who supports and encourages the diverse needs of each individual Team Member.
City does not accept any unsolicited resume referrals from Recruitment Agencies. Please do not submit any resumes or associated profiles to the City careers portal or to any City team members. City will not pay any placement fees relating to unsolicited resume referrals.
