Will you actively create a healthier future for tomorrow?
At Medibank we’re encouraged to think big. We have a clear purpose to impact better health outcomes for our customers, patients and our community.
We celebrate diversity of thought because we want to make better decisions for our customers. As we work towards our goal of better health for better lives, we value the knowledge and contribution of Aboriginal and Torres Strait Islanders. We are working hard to create an inclusive workplace and develop Indigenous careers.
Medibank's bold 2030 Vision to deliver the best health and wellbeing for Australia increasingly relies on succeeding in Digital. Digital platforms and engineering services will be a critical enabler for the future health and insurance experiences we deliver to our customers. The current Digital platforms have strong capabilities, but for us to win in the context of the 2030 Vision, our digital assets will need to be reimagined and further evolved so that they are scalable, increase agility and accelerate solution delivery with an improved security posture.
Medibank is on a mission to strengthen its information security posture. We've recently refreshed our Information Security Policy Framework (ISPF) and completed a formal assessment to identify areas needing improvement. Now, we're looking for a Security Compliance Specialist to help us close those gaps and ensure our business is secure, compliant, and future-ready. This is an initial 6-month contract with a daily rate of $1000-$1,100 inc Super.
What you will be doing:
- Develop and lead the compliance roadmap to address gaps identified in our ISPF.
- Collaborate with stakeholders across the business to agree on remediation actions and support needs.
- Ensure all actions align with key frameworks like ISO/IEC 27001, NIST CSF, PCI DSS, and CPS 234.
- Provide clear, insightful reporting to guide risk-based decision-making and investment.
- Be a visible champion of good security practices and Medibank’s core values.
Experience Needed:
- 5+ years in cyber security, risk, assurance, or compliance roles.
- Deep understanding of security frameworks and regulatory standards.
- Strong communication skills — able to engage both technical and non-technical audiences.
- Experience with GRC platforms and tools.
- Relevant certifications (e.g., CISSP, CISA, ISACA) are highly desirable.
A career with us
At Medibank, we believe work is something we do, not somewhere we go. Our modes of working – Collaboration, Connection and Concentration – help inform how your day is structured, and where you choose to work will vary depending on your role and requirements.
The wellbeing of our employees is our priority. We encourage you to talk to us about any additional support you may require during the recruitment process, as well as how this role can be flexible for you. We encourage applications from candidates with a disability. If you require any adjustments or alternate formats of key information at any stage of the recruitment process, we welcome hearing from you.