Information Security Manager

Job No: GMHBA477
Location: Geelong

We’re looking for an experienced Information Security professional to join our team in this newly created role.


GMHBA is an Australian, not for profit, integrated healthcare company, providing private health insurance and health solutions to more than 400,000 members. Through our personalised approach and exceptional customer service, we put the health and wellbeing of our members and communities first.
About the role
Our IT Services Group engages collaboratively with the business to define, develop and deliver IT solutions and business services, playing an active role in the technology lifecycle and shaping enterprise demand.
Within this role you’ll manage GMHBA Information Security and compliance with APRA CPS234 under delegation from the CIO, and manage ITSG responsibility and compliance with the GMHBA Risk Management Framework.

Working closely with business stakeholders, and as a member of the Leadership team, you’ll contribute to setting and delivering GMHBA’s overall strategic plan and objectives. Your other areas of responsibility will include:
  • Managing the ISMS under delegation from the CIO, working with external security specialists
  • Reviewing the Threat Risk Assessment of systems and processes with IT Managers and key stakeholders
  • Classifying assets and ensuring information, business applications, information systems and networks are protected in line with their importance to the organisation
  • Managing audit processes and ensuring ITSG adherence to the GMHBA risk management framework
About you

As the successful candidate, you’ll demonstrate the following skills and experience:

  • Extensive IT security and risk experience within a regulatory, internal audit or compliance environment.
  • Experience with the development of general controls and/or IT compliance related standards.
  • Working knowledge of, and exposure to, IT Governance, Risk and Compliance practices.
  • Strong technical and analytical aptitude.
  • Experience in developing and rolling out information security compliance programs using ISO 27001
  • Experience in developing and rolling out PCI DSS compliance programs
  • Experience in operating at Board and Executive level
  • Bachelor’s degree with emphasis in related field or equivalent experience.
  • Certified Information Security Manager (CISM) Certification
  • Certified Information Systems Security Professional (CISSP) Certification
Highly desirable
  • Experience in private health insurance
  • Experience working under APRA regulatory framework
Let's get started?
Submit your application TODAY via the form below. Download the full position description for more information.
Have Questions? Contact us at
At GMHBA we celebrate and harness diversity and consider it a competitive advantage. We encourage applicants from all diverse backgrounds.
In submitting an application, you agree that you have read and accepted the terms and conditions of our privacy statement.
