Defence searches for its next CISO

The Department of Defence has begun searching for a new chief information security officer after losing its last ICT security assistant secretary.

Image credit: Defence

The department put out the call for a “dynamic and outstanding senior executive” to fill the vacancy on Thursday, three months after CISO Lindsay Morgan left for a private sector gig. 

Morgan, who left the top job after just 11 months in March, has since joined SAP as its Australia/New Zealand director for government security.

His prior roles at the department over the last 10 years included director of cybersecurity operations as well as in security assurance and vulnerability management.

The new CISO, who like Morgan will also lead the chief information officer group’s (CIOG) ICT security branch, will become Defence’s principal ICT security advisor.

According to the job ad, this will include “providing advice and guidance on significant cyber security risks that contribute to Defence’s overall security performance and agency level risk”.

This will involve ensuring the department complies with whole-of-government cyber security policy, standards, regulations and legislation” such as Australian Signals Directorate’s top four.

It will also involve overseeing “all ICT security-related activities within the Defence Single Information Environment and influence the broader ICT environment”.

The SES Band 1 level executive will also be responsible for “controlling, shaping and influencing ICT Security management systems and resources within CIOG and across Defence”.

Defence expects the successful candidate will have “extensive experience in ICT security, including in more than one organisation”, and be able to obtain a Top Secret Positive Vetting.

“You will require knowledge and practice in delivering ICT cyber security strategy, the conduct of ICT cyber security operations, and providing cyber security technical direction in a large, complex and diverse organisation,” the job ad states.