Senior Cyber Specialist - Hawthorn East

Key Responsibilities 

• Act as the primary engagement point for Supply Chain Technology, Site Operations, OT Engineering, and other key business stakeholders to build strong relationships and deliver secure‑by‑design outcomes. 

• Ensure Supply Chain Technology, OT teams, and vendors design and deliver solutions in line with Coles’ Cyber Security policies and standards. 

• Embed cyber security best practices into system, application, and OT risk assessments across the supply chain. 

• Ensure Cloud, on‑prem infrastructure, network, and Operational Technology (OT) solution designs adopt secure‑by‑design principles. 

• Support secure‑by‑design activities for warehouse automation, robotics, IoT devices, industrial systems, and site‑based control systems. 

• Collaborate with cross-domain teams to ensure the secure and privacy-aligned use of data across supply chain systems and operational workflows. 

• Embed AI/ML security risk management and baseline requirements into new supply chain‑related data science or optimisation initiatives. 

• Provide security advisory across initiatives impacting distribution centres, manufacturing operations, transport management systems, and supplier connectivity. 

• Assist with the identification, tracking, and reporting of cyber risks and control uplift opportunities across the supply chain environment. 

• Partner with Cyber Detection & Response for OT‑related incidents, ensuring incident preparedness and coordinated response across sites. 

Skills and Qualifications 

• 10+ years of Information Security experience, ideally including work across complex operational environments such as supply chain, manufacturing, logistics, or utilities. 

• Strong understanding of security management frameworks including ISO 27001, NIST CSF, Essential 8. 

• Demonstrated experience developing and uplifting technical and procedural controls to protect technology and/or OT environments. 

• Proven ability to consult with technology, engineering, and operational stakeholders to ensure security requirements are integrated into design and implementation. 

• Solid understanding of security reference architectures and a broad range of security capabilities across IT and OT environments. 

• Experience assessing AI/ML solutions and their security and privacy implications. 

• Strong secure‑by‑design experience with the ability to guide stakeholders toward resilient solutions across IT and OT ecosystems. 

• Ability to manage a personal pipeline of work, balance multiple concurrent priorities, and meet project commitments. 

• Strong understanding of cyber security policy, standards, and secure development / system lifecycle requirements. 

• Experience assessing inherent and residual risk for changes impacting operational or OT systems. 

• Confident in presenting risk, vulnerabilities, and compliance concerns to management.