Title:

Information Technology Security Manager

At KBR – We do things that matter.

We deliver science, technology and engineering solutions to governments and companies around the world. KBR employs approximately 38,000 people worldwide with customers in more than 80 countries and operations in over 29 countries.

KBR is proud to work with its customers across the globe to provide technology, value-added services, and long-term operations and maintenance services to ensure consistent delivery with predictable results. At KBR, We Deliver.

Think.KBR.com

KBR in Australia

With over 65 years working on some of Australia’s largest and most complex projects, KBR has unmatched experience supporting the nation’s critical infrastructure, energy transition and national security priorities. KBR has around 2,000 employees throughout Australia, who are focused on delivering innovative technology and engineering solutions for a safer, more secure and sustainable future.

Learn more about KBR in Australia  

Belong, Connect and Grow at KBR

At KBR, we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a People First company. That commitment is central to our team of team’s philosophy and fosters an environment where everyone can Belong, Connect and Grow. We Deliver – Together.

The role:

We are seeking an experienced Cybersecurity Engineer to design, develop, and test enterprise-wide systems and network security solutions. The ideal candidate will manage a broad range of security challenges, including firewalls, data traffic, and network access, while performing comprehensive analyses from concept through operation and maintenance. Responsibilities include encryption implementation, penetration and vulnerability testing, security risk assessments, incident response, disaster recovery, and business continuity planning. You will also integrate advanced security architectures, apply forensic tools for attack analysis, and provide expert engineering recommendations. This role requires strong problem-solving skills, the ability to work independently on complex issues, and the capacity to lead projects and advise multidisciplinary teams. Join us to help strengthen our cyber defense and support critical organizational objectives.

Responsibilities:

The key responsibilities of the role will include, but is not limited to:

Cybersecurity Governance and Compliance

Ensure compliance with the Australian Government Information Security Manual (ISM), Protective Security Policy Framework (PSPF), and Defence Security Principles Framework (DSPF).Develop, maintain, and enforce local ICT security policies, standard operating procedures (SOPs), and system usage guidelines.Assist with the preparation and management of security authorisation packages, including System Security Plans (SSP), risk assessments, and system security assessments.

Technical Security Oversight

Monitor system configurations, oversee vulnerability management across the organisationEnforce Australian Signals Directorate (ASD) system hardening guidelines for all applicable systems.

Risk Management and Incident Response

Identify, assess, and mitigate cybersecurity risks to ensure the continuity of operations.Responsible for the coordination of the local response to local cybersecurity incidents and breaches.Conduct security audits, and coordinate remediation efforts with internal and external stakeholders.

Cyberworthiness and Mission Integration

Support the integration of cyberworthiness into the current organisational framework.Participate in system design reviews and change management boards to ensure security-by-design principles.

Training and Awareness

Promote a culture of security awareness and compliance across the organisation.

Liaison and Coordination

Serve as a primary point of contact for cyber security matters within the organisation.Collaborate with external cyber security stakeholders.Advise in security aspects of capability acquisition, and audits.

Skills and Experience:

Demonstrated knowledge of cyber security frameworks and standards applicable to Defence and Australian Government environments (ISM, PSPF, ISO/IEC 270001).Experience in the implementation and management of ICT security controls.Strong understanding of risk management practices and security governance.Proven experience in stakeholder engagement and cross-functional team collaboration.Familiarity with cyberworthiness, system assessment and authorisation, and mission assurance concepts.Industry certifications such as CISSP, CISM, CISA, Security+, or equivalent

Desirable:

Formal qualifications in Cyber Security, Information Technology, or a related discipline.Ability to interpret and apply Defence policies, technical manuals, and security directives.Proven ability to and apply Defence policies, technical manuals, and security directives.Experience in Defence ICT environments.

Location: Amberley

All candidates will be required to hold and maintain an active NV1Defence Security Clearance. Only candidates holding a NV1 Clearance or above should apply.

What we will offer you:

· A workplace culture certified as a Great Place To Work

· Flexible working

· Competitive salary (including annual reviews)

· Paid parental leave

· Income protection

· Corporate rewards

· Salary packaging/Novated leasing

· Employee stock purchase plans

· Flu shots, skin checks and discounted private health insurance

· Career development: Online learning, mentorship and career pathways

If you’re ready to shape tomorrow, let’s get started. Apply Now!

As a Major Service Provider of the Australian Defence Force, an AGSVA security clearance will be required and compliance to International Traffic in Arms Regulations (ITAR). As such, our hiring decisions are based on the key requirements of each role and candidates are selected based on their unique strengths and experiences.

Notice to Third Parties/Recruitment Agencies: KBR Australia does not accept unsolicited resumes, or any liability associated with fees or costs from recruitment agencies, search firms or third parties who have not been engaged directly on this job opportunity. Candidates interested in applying are welcome to submit their application online.