Cyber Architect & Assurance Specialist

Cyber Security

Position information

Role Purpose

The Cyber Architect & Assurance Specialist is responsible for coordinating and managing cyber assurance engagements across Seqwater projects and initiatives to ensure cyber security requirements are embedded from initiation and design, and assurance activities are delivered consistently, efficiently, and on time. The role will contribute to designing, governing, and maintaining secure architectures across Seqwater Enterprise, Operational Technology (OT) and Industrial Control Systems (ICS) environments. The role will provide technical security architecture expertise to ensure that Seqwater’s critical infrastructure systems are secure, resilient, and aligned with industry standards such as NIST CSF 2.0, ISA/IEC 62443, ASD Essential Eight, and SOCI Act obligations.

This role exists to extend the Cyber Services & Solutions team’s capacity to handle a high volume of concurrent engagements. It provides structured intake, triage, scheduling, stakeholder coordination, evidence management and reporting so that the Lead and Principal can focus on high‑value technical assurance, architecture and engineering judgement.

The role supports the operation and continuous improvement of Seqwater’s cyber assurance engagement model under the direction of the Lead Cyber Services & Solutions

Seqwater’s vision, values and promise

Water is essential for life. At Seqwater, it is our job to provide water for more than three million people across South East Queensland. We live and work in the communities we serve, and we proudly work together to deliver on our vision of Water for Life. We do this by living our values and keeping to our promise - Safe for Life.

Integrity, respect, care and courage are at the heart of the way we work and interact with our colleagues, stakeholders, customers and the communities every day.

We commit to delivering a high standard of customer service aligned to our strategic vision. We value working collaboratively with our internal & external customers to improve service delivery.

About your group

The Digital, Technology and Information group develop and implement Seqwater’s strategic technology framework to maximise the value of technology related business investments that assist Seqwater to achieve corporate and operational goals. This group takes the lead on implementing technologies, as well as supporting the development of new technologies that deliver efficiency and connectivity.

Key relationships

Internal stakeholders: Cyber Security Leads

   Cyber Security team

   Enterprise Architects / Solution Delivery / ICT & OT teams

   Program and Project Managers / Project Governance forums (incl. capital delivery)

   Cyber Program and PMO Stakeholders

   Solutions Delivery

   Senior Leadership Team (SLT)

External stakeholders: Cyber vendors and assurance partners

   Systems integrators and consultants

   Relevant federal and state government agencies

Key responsibilities

• • • • • • • • Act as the coordination point for cyber assurance engagements across projects and initiatives.
              • Ensure engagement occurs early (concept/initiation/design) to avoid late-stage rework and commissioning delays.
              • Maintain a structured assurance engagement plan per initiative including milestones, deliverables and required inputs.
              • Coordinate assurance activities with the Principal, and Lead, ensuring the right resources are engaged at the right time.
              • Lead the end‑to‑end design of cyber security solutions across IT, OT, cloud, and hybrid environments, ensuring secure‑by‑design principles are embedded in all technology initiatives
              • Develop and maintain security design patterns, reference architectures, and solution blueprints for enterprise, cloud, and ICS/OT systems
              • Conduct structured design reviews, threat modelling (e.g., STRIDE, MITRE ATT&CK ICS), and security impact assessments for proposed changes.
              • Partner with Enterprise Architecture to ensure security requirements are embedded into broader digital and infrastructure strategies
              • Provide architectural assurance throughout project lifecycles, including concept design, detailed design, build, test, and deployment
              • Review, validate, and approve solution designs, ensuring alignment to architecture standards, regulatory obligations, and risk appetite.
              • Maintain and update Seqwater’s security standards, architecture principles, and design guidelines

Qualifications and experience

Essentials

• • • • • • • • Formal qualification in Cyber Security, Information Technology, Business, or a related field or an equivalent combination of education and experience.
              • Industry certifications (e.g., SABSA, CISSP, GIAC, TOGAF or equivalent).
              • 10+ years’ experience in cyber security technology, with extensive experience in cyber architecture, and/or design roles.
              • Familiarity with IT/OT convergence and operational technology cyber uplift.
              • Demonstrated expertise in NIST CSF 2.0, ASD Essential Eight and SOCI Act.
              • Experience driving security awareness, business change, and cultural uplift in cyber security.
              • Experience in providing oversight of large, multi-stream cyber maturity uplift activities.
              • Strong stakeholder engagement skills — able to influence project teams and senior stakeholders to provide artefacts, meet milestones, and close actions.
              • Strong written communication skills including producing clear status reporting and executive-ready summaries.

Desirables

• • • • • • • • Experience working in critical infrastructure environments (e.g., water, energy, transport).
              • Knowledge of continuous improvement methodologies (e.g. Lean Six Sigma).
              • Experience working with infrastructure delivery or operational technology environments (OT/ICS) is beneficial.
              • Experience managing large-scale cyber transformation programs or leading cyber security initiatives within critical infrastructure environments.
              • Exposure to cyber security investment planning, budget management, and risk-based security decision-making.

Job capability requirements

• • • • • • • • Strong organisational capability — able to manage competing priorities, tight timelines and high engagement volume
              • Strong stakeholder management — able to drive outcomes without formal authority.
              • Ability to translate cyber requirements into practical project actions and timelines.
              • High attention to detail to ensure evidence, artefacts and action closure are complete and audit-ready.
              • Ability to identify recurring issues and propose workflow improvements to reduce bottlenecks and rework.
              • Strong understanding of cyber security frameworks and regulatory requirements (e.g., SOCI Act, QG IS18, ASD Essential 8, NIST CSF).
              • High analytical capability — able to assess whether architecture and design outcomes are aligned, pragmatic, and risk-appropriate.
              • Expertise in translating cyber risks and regulatory requirements into actionable architecture patterns
              • Strong interpersonal and communication skills, capable of translating technical progress into clear business-aligned reporting.
              • Demonstrated ability to engage with vendors, manage contracts, and service providers, ensuring alignment with security uplift objectives.
              • Alignment with Seqwater values