ABOUT US

At the NSW Education Standards Authority (NESA) we work with the NSW community to drive improvements in student achievement.
We achieve this by supporting all school sectors with high-quality syllabuses, assessment (including managing the HSC and NAPLAN), teaching standards (e.g., accrediting teachers) and school environments (including setting and monitoring school standards).
To find out more about the important work we do for NSW visit our website.

Essential Requirements

• Tertiary qualifications in a relevant discipline or equivalent professional experience.
• A valid Working with Children Check (WWCC) clearance for paid employment (prior to commencement, not required at application

Are you ready to make a real impact?
NESA is hiring for multiple roles in our newly established Cybersecurity, Information Assurance, and Data Protection team, and we are looking for passionate professionals to join us.
Led by our Chief Information Security Officer, this is more than a job. It’s an opportunity to help shape how data and information security is delivered across NESA, protecting sensitive information and building trust in the services that support students, teachers, and the community.
As Manager, Privacy, Data and Governance, you will an opportunity to influence strategy, implement robust information security and data governance practices, and protect sensitive information that impacts thousands of students and teachers across the state. You will drive compliance, embed a culture of privacy and security awareness, and ensure cybersecurity is fully aligned with NESA’s business and technology objectives.

On a day-to-day basis you will:

• Provide strategic oversight of cybersecurity, privacy, and data governance, aligned with NESA’s business and technology goals.
• Foster a culture of security and privacy awareness across the organisation and embed secure practices.
• Oversee records and information governance in line with the State Records Act, GIPA Act, and retention requirements.
• Drive the adoption of enterprise data governance frameworks, including classification, stewardship, access controls, and accountability models.
• Develop and implement a cybersecurity roadmap, overseeing architecture and maturity assessments.
• Monitor and manage cyber/data risks, maintaining risk registers, conducting assessments, and reporting to executive leadership.
• Develop and sustain security and privacy policies and governance structures aligned with NSW Cyber Security Policy, ISM, ISO 27001, and privacy legislation.
• Build strong relationships with senior stakeholders, NSW government agencies and regulators to ensure compliance and best practice.
• Translate complex cybersecurity, privacy, and governance challenges into risk-based, practical advice for business leaders.
• Provide clear and regular reporting to the executive team and board-level stakeholders.

Our ideal candidate will have:

• Experience overseeing security frameworks such as ISO 27001 and Essential Eight, as well as data protection and enterprise data governance.
• Knowledge of privacy legislation, including NSW PIPA 1998, HRIPA, and the Privacy Act 1988, with involvement in managing breach notifications and privacy governance.
• Background in leading change and contributing to improvements in cybersecurity and privacy capability within complex environments.
• Senior-level experience advising executives and driving outcomes in large or complex organisations.
• Strong stakeholder engagement skills, with the ability to influence and balance competing priorities.
• Leadership skills to guide, develop and drive performance in high-performing teams.
• Strong stakeholder management expertise, with experience navigating government processes.
• Demonstrated experience at a senior level providing authoritative advice to executive leadership.

Essential Requirements

• Tertiary qualifications in a relevant discipline or equivalent professional experience.
• A valid Working with Children Check (WWCC) clearance for paid employment (prior to commencement, not required at application)

Download the role description.