Cyber Compliance and Assurance Lead

Working at Transurban is different; it’s a place where you can see the benefits of your work play out in real life, every day. We create city‑sized solutions—building and operating safer, smarter, and more sustainable roads—to solve pressing transport challenges that are slowing cities down.

About the role

We’re seeking a Cyber Compliance & Assurance Lead to drive the implementation, maintenance, and continuous improvement of our ISO 27001 Information Security Management System (ISMS). This role is central to strengthening Transurban’s cyber governance, ensuring our security practices align with business obligations, regulatory requirements, and enterprise risk appetite.

You’ll have the autonomy to shape our assurance vision, modernise governance practices, uplift cyber maturity, and influence strategic decision‑making across a major ASX‑listed organisation.

Day‑to‑day, you will:

• Lead Transurban’s ISO 27001 certification journey and ongoing ISMS uplift

• Conduct internal audits, assessments, and periodic reviews across technology and business environments

• Manage the cyber risk and compliance lifecycle, ensuring accurate registers, timely escalation, and alignment to the Enterprise Risk Management Framework

• Translate regulatory and industry requirements (ISO 27001, NIST CSF, PCI DSS) into actionable control objectives

• Support third‑party risk assurance by assessing critical vendors and validating controls

• Develop and uplift cyber security policies, standards, and procedures across IT and OT

• Operate an enterprise control assurance framework that tests control effectiveness—not just existence

• Produce audit‑ready evidence and track remediation actions to closure

• Build unified cyber metrics and dashboards that provide meaningful insights to senior leadership

• Create targeted security awareness content aligned to ISMS principles and uplift cyber culture across the organisation

This role will suit someone with a curious mind and transferrable skills, including:

• Strong leadership in cyber or technology risk management

• Proven experience implementing and operating ISO 27001 ISMS at scale

• Expertise in cyber control assurance and third‑party risk management

• Deep understanding of GRC practices, control design, and industry frameworks (ISO 27001, NIST CSF, PCI DSS, Essential 8)

• Ability to influence technical and executive stakeholders with clear, risk‑based insights

• Experience engaging auditors and managing complex compliance obligations

• Strong communication skills and executive presence

• High resilience, adaptability, and ownership in a dynamic environment

• Relevant certifications such as ISO 27001 Lead Implementer/Auditor, CISSP, CISM, or CISA (highly desirable)

If you meet some of these requirements, but not all, we encourage you to submit your application. 

With a career at Transurban, you’ll enjoy a range of benefits, including:

• Flexible working and leave options, including the ability to purchase additional leave

• 16 weeks paid parental leave for all parents, with superannuation paid during unpaid leave

• Learning and development opportunities to support your career growth

• Health and wellbeing support, including access to Headspace, EAP, and wellness facilities

• Share offers and insurance benefits

• Social activities, community programs, and paid volunteer days

We offer flexibility so you can balance work and life commitments. Let’s talk about what that could look like for you.

We embrace diversity with a foundation of safety, wellbeing, and inclusion—where everyone belongs.

We welcome applicants from all backgrounds, including Aboriginal and Torres Strait Islander peoples and people living with disability.

If you require adjustments during the recruitment process, please contact us at [email protected].

Job Type:

Closing Date:

Please note: The closing date reflects the time zone of the Primary Location for this job posting.

Primary Location: