Cyber Prioritisation Lead
Employment Type
PermanentClosing Date
4 July 2026 11:59pmJob Title
Cyber Prioritisation LeadJob Summary
Across our cyber teams we generate more signal every day than any one team could ever act on - threat intelligence, vulnerabilities, red team findings, incidents, risk and regulatory obligations all competing for the same finite effort. What we need is someone who can build the system that decides what matters most and make that call stick.Job Description
As our Cyber Prioritisation Lead, you'll build and drive the threat-informed prioritisation structure and process that sits at the heart of the cyber function. You'll draw on signals from right across cyber and turn them into a clear order of what we do next - and you'll be the person who engages and influences stakeholders to land those priorities, even the hard ones.
This role is intentionally different from a hands-on engineering position. You won't be configuring, coding or remediating. Your impact comes from clear thinking, building the mechanism, and influence - helping the whole function focus its energy where it counts.
It's also a genuine build. The structure you'll create doesn't exist yet — you'll design it from first principles alongside the Head of Cyber Requirements & Prioritisation, and shape how the function decides where to spend its effort. If you're energised by ambiguity, by creating something new, and by seeing your thinking change what the organisation does, this is where you'll thrive.
This is a permanent full-time role and can be based in any capital city across Australia.
What we offer
Performance-related pay
16 weeks paid parental leave for primary and secondary carers
Access to thousands of learning programs so you can level-up
Purchased annual leave scheme
Additional Telstra day off, for you to spend as you like
Additional 30% off Telstra products and services
Toolkit provided (laptop + mobile phone + plan - all covered)
What you'll do
Build and own the threat-informed prioritisation model — the structure, scoring and cadence that turns competing demands into a clear, defensible order of work.
Establish the process that turns threat intelligence, vulnerability management, red team activity and incidents into prioritised, actionable requirements.
Run the operating rhythm — the regular reset that re-ranks priorities as the threat picture, risk and obligations shift, so the order of work never goes stale.
Be the central point of engagement across cyber, technology and business — earning the trust that turns a priority into shared action.
Translate complex, competing technical inputs into clear priorities and actions that leaders can act on and defend.
Make the reasoning visible — so “why this, why now, why not that” is transparent and repeatable, not a black box.
Partner with security engineering to hand over prioritised, build-ready work — guiding direction without being responsible for implementation.
Help shape capability and requirements for problems that don't have a solution yet, and influence where the function heads next.
About you
What matters most: we care more about how you think and how you bring people with you than about a specific tool list. The most aligned person in this role is a sharp critical thinker, an excellent communicator, and someone genuinely energised by building something new. Depth in any one technology is welcome, but it is not what will make you successful here.
Threat Intelligence & Tooling — you’ve worked hands-on with CTI and threat intel platforms (like OpenCTI or similar) and know how to turn raw intel feeds into something practical that drives prioritisation.
Prioritisation & Risk — you take inputs from across cyber (threats, vulnerabilities, incidents) and translate them into clear, defensible priorities using risk-based approaches (Cyber Risk, PIR etc.).
Red Team Integration — you’ve partnered with Red Teams to reassess what matters most, using data (exploitability, impact, asset value) to reprioritise controls and actions.
Stakeholder Influence — you work confidently with senior stakeholders — including CISO, Deputy CISO and Security Engineering Execs — and bring them along with clear, evidence-based prioritisation rationale.
Cyber Domain Expertise — you bring strong working knowledge across CTI, SOC, vulnerability management and offensive security, and use it to connect the dots and drive outcome-focused decisions.
This is a rare chance to build the prioritisation engine for a cyber function from the ground up — and, every day, to help decide what matters most. If that's the kind of impact you're looking for, we'd love to hear from you.
Please ensure you have attached an up to date CV to be considered.