General Manager Information Security

About us

At CareSuper, we believe we’re Super Together. As a profit-to-member super fund with over 550,000 members and $55 billion in assets, we’re passionate about helping our members retire with confidence. We’re growing fast and looking for our next superhero to join us on this exciting journey.

About the role

Reporting to the Chief Technology Officer, as our new General Manager Information Security, your mission will be to provide strategic leadership and enterprise accountability for CareSuper’s information and cyber security posture. This role ensures the confidentiality, integrity, and availability of Fund systems and data, maintains compliance with regulatory obligations, and embeds security into technology and business operations. It drives the cyber strategy and fosters a fund wide culture of risk-aware decision-making.

In this role you will:

• Provide senior guidance, advice to and governance of the information security policy program, focusing on continual improvement strategies
• Oversee, develop and execute the cyber security roadmap in alignment with the existing information security strategy, regulatory compliance obligations and partner agreements
• Strategically lead a team of Cyber and Information Security professionals to deliver on the cyber security road map
• Oversee, manage and maintain an effective human risk management program based on cybersecurity awareness and training
• Oversee, manage and maintain an effective vulnerability management program
• Oversee, manage and maintain an effective data loss prevention capability to protect sensitive information
• Oversee, manage and maintain an effective cyber incident response testing program in line with existing procedures and playbooks
• Oversee, manage and maintain an effective threat intelligence and risk management program based on offensive cybersecurity practices
• Oversee and manage information security control implementation and integrations
• Oversee and manage the annual cyber security control assurance testing requirements
• Oversee and manage ongoing information asset penetration testing requirements
• Oversee, manage and maintain security operations resource planning and metrics reporting capability.

What we’re looking for

We’re on the lookout for passionate individuals who embody our values. We’re after someone who lives and breathes Cyber Security and is passionate about keeping our members information safe. Someone that is a strong leader that can think holistically about our fund’s security and the strategy that sits behind it.

You’ll thrive in this role if you have:

• Extensive leadership experience within Technology
• A strong understanding of cyber/information security and how to strategically embed best practices into an organization.
• Relevant Tertiary qualifications in Technology
• Professional qualifications associated with cyber/information security management principles (e.g. CISSP, CISM)
• The Strategic thinking to develop and maintain a comprehensive information security policy, standards and guidelines, particularly as they relate to security governance, risk and compliance
• A strong understanding of the NIST Cyber Security Framework (CSF), ASD control frameworks and cyber security related regulatory compliance frameworks as they relate to the financial services industry
• A Strong understanding of penetration testing frameworks, methodologies, and open source/commercial security assessment tools
• The ability to conduct quality security risk assessments and manage control frameworks
• Proven knowledge of risk management and governance frameworks such as NIST, ISO 27001 and COBIT
• The ability to analyse, prioritise, problem solve, define process and document procedures
• Strong written and verbal communication skills for conveying complex security, risk, and compliance issues to executives and board members including presenting in professional forums and report writing.
• Project management proficiency across complex, multi-stakeholder initiatives.
• Experience embedding security into cloud platforms, agile delivery and DEVSECOPS environments

Why CareSuper?

We’re not just another super fund. We’re a values-driven organisation that puts people first—our members and our team. Here’s what you can look forward to:

• Hybrid and flexible work environment
• 5 weeks annual leave
• 16 weeks of parental leave for all eligible employees
• Holistic health and wellbeing support - free annual flu shots, skin checks, Employee Assistance Program
• External Employee Coaching Program and Professional Development
• Rewards and Recognition Program, as well as employee discounts and cashback offers on a broad range of products and services

Ready to apply?

We’d love to hear from you! Just send through your resume and a cover letter. Be quick—we may close applications early if we find the right person.

What happens next?

Need support during the application or interview process? We’re here to help. Just reach out to your talent partner and let us know how we can make the process work for you.

We’re committed to protecting your privacy—your personal information will be handled with care and in line with our Privacy Policy.

At CareSuper, we know that diverse perspectives make us stronger. We’re proud to foster an inclusive environment where everyone feels welcome, respected, and valued—no matter your background or identity