Job Openings Cyber Security Architect

About the job Cyber Security Architect

Lead Cyber Security Architect

Australian citizenship required. No PR or Work Visa holders. Must be able to obtain Negative Vetting Level 1 security clearance.


What to Submit

  1. A tailored resume in docx format

  2. A one page (5000 character) summary response to the selection criteria below.


RFQ Details

  • RFQ ID: LH-05709

  • Agency: Department of Health, Disability and Ageing

  • Closing Date: Friday, 06 March 2026 – 11:59pm (Canberra time)

  • Estimated Start Date: Wednesday, 01 April 2026

  • Initial Contract Duration: 12 months (until 31 March 2027)

  • Extension Term: 12 months

  • Number of Extensions: 1

  • Experience Level: Lead – EL2 equivalent

  • Security Clearance: Must be able to obtain Negative Vetting Level 1

  • Location of Work: QLD, WA, ACT, VIC, NSW, NT, SA, TAS

  • Working Arrangements:

    Hybrid.

    The Labour Hire Worker is required to work from the applicable office at least 2 days per week.

    A Working from Home Agreement must be formalised with the Buyer representative before commencing flexible work arrangements.

    The Labour Hire Worker must adhere to the annual closedown as defined in the Buyers Enterprise Agreement and public holidays.

  • Maximum Hours: 40 hours per week


Job Details

The Security Architect is responsible for designing, assuring, and guiding secure technology architectures that support the Department of Health, Disability and Ageings digital systems, with a particular focus on Aged Care, Disability, and health-related platforms.

The role ensures that departmental systems are secure by design, compliant with Australian Government cyber security frameworks, and resilient against emerging threats, while enabling delivery of critical services to the Australian community.

Key Duties and Responsibilities

The Cyber Security Architect is to undertake tasks that include, but are not limited to, the following:

  • Develop and document cyber security architectures relevant to Aged Care systems.

  • Review Architecture and Design collateral for alignment to security controls and practices i.e ISM, PSPF, Essential Eight.

  • Provide guidance on cyber security aspects to Architects, Designers.

  • Highlight cyber security deficiencies with the Aged Care ecosystem.

  • Access changes to Government and Department specific cyber security policies and advise stakeholders of impacts.

  • Contribute to cyber department security policies.

  • Access cyber security aspects of departmental policies and advise the impact to Aged Care systems.

  • Perform duties as advised by architecture Director.

  • Contribute to systems authorisation and IRAP assessments.

  • Adhere to governance framework and APS architecture standards.


The specified personnel may be redirected to assist or work on other projects/activities outside of the branch of initial assignment.

The seller must ensure that the Labour Hire worker performing the services during the term of this contract, facilitate an effective transfer of skills and knowledge to the buyer to enable full use of services and deliverables and associated documents.


Technical Skills

Certifications in TOGAF 9, COBIT 5 Foundation, SAFe, Scrum and/or ITIL v3 Foundation are desirable.

Selection Criteria

The buyer has specified that each candidate must provide a one page pitch to address all criteria specified. This is equal to 5000 characters.


Essential criteria

  1. Bachelors/Masters degree in Data Science, Computer Science, Information Systems, or related discipline.

  2. Strong analytical, stakeholder engagement, and communication skills.

  3. Deep knowledge of cyber governance and compliance in the public sector environment including strong knowledge of Australian Government cyber security frameworks (ISM, PSPF, Essential Eight).

  4. Proven experience in cyber security architecture within complex ICT environments.

  5. Experience supporting system authorisation and assurance activities, including IRAP.

  6. Ability to assess and design security controls across cloud, on-premises, and hybrid environments.

Desirable criteria

  1. Industry certifications such as SABSA, CISSP, CISM, or equivalent (desirable).

  2. 10 years of experience working across IT environments in security application design or development.


Or refer someone