Job Description

Want real CISO-level visibility without the politics of a fully-baked, set-in-stone practice? If you've got serious security EA runs on the board and you're ready to put your stamp on something - keep reading.


Before the nitty gritty, here's what's in it for you:

- $270k inc. super | Flexibility available for the right person
- Permanent, full-time role based in Melbourne
- Access to a dedicated employee health and wellbeing platform - clinical services, psychology, nutrition, all from your phone
- 35% subsidy on private health insurance
- A Good Health Day each year - a day off, no questions asked, just for you
- 8 hours of community leave per year, plus employer-matched donations up to $1,000
- Flexible working approach - it's about outcomes, not where you sit
- Salary packaging options including motor vehicle
- Employee discounts across a broad range of retail, travel, and lifestyle partners
- A genuinely inclusive workplace - multiple employee networks, real commitment to diversity


So, what are you actually walking into?

This is a replacement role sitting inside a growing security architecture function within a significant, complex Australian organisation. You'll report into the Architecture Squad Lead with a dotted line to the CISO - that's real visibility, not a token reporting line.

The function is still maturing. That's the honest truth, and it's also the opportunity. You won't be inheriting someone else's half-baked decisions - you'll be the one making the calls, setting the roadmap, and building the practice the right way. You'll lead a team of lead and solution architects and be genuinely across what they're producing, not just rubber-stamping it from above.


Day to day, think along the lines of:

- Owning and evolving the security architecture roadmap
- Reviewing solutions and feeding architectural guidance directly to the CISO
- Finding practical, workable solutions to breached controls
- Balancing competing priorities across security and customer-facing programs - this one comes up a lot, so you'll need a strong answer for it
- Building strong relationships horizontally across other security streams
- Driving governance aligned to NIST, ISO 27001, and APRA CPS 230/231
- Developing architecture standards, patterns, and guardrails
- Engaging and influencing senior stakeholders up to executive level

This is not a role for someone walking into enterprise architecture for the first time. They need a proven Security EA - someone who has been here before and knows how to lead, not just contribute.


To be seriously considered, you'll need:

- Proven EA experience in security - cannot be your first EA role
- 7+ years in security architecture within a corporate environment
- Experience leading architecture teams (lead and/or solution architects)
- Strong across the security stack: IAM, cloud, AppSec, SIEM, network/endpoint, incident response
- Demonstrated application of NIST CSF, ISO 27001, and APRA CPS 230/231
- A solid technical background in cyber security
- Comfortable operating at senior and executive stakeholder level
- Financial services or health sector experience highly regarded
- TOGAF or SAFe familiarity
- CISSP or CISM desirable
- Melbourne-based | Australian Citizen or Permanent Resident only

If any of this has landed, there's plenty more context - technical and otherwise - that can be shared confidentially once we've had a chat.

Reach out to Kris Rosentreter at Decipher Bureau:
�� 0452 564 644
�� kris@decipherbureau.com