Senior Manager - Data and AI Security

About the role  

We’re looking for a Senior Manager – AI & Data Security to set and lead Transurban’s strategy for safeguarding critical data and enabling the secure adoption of AI across the enterprise. Reporting to the CISO, you’ll provide executive-level advice, shape a pragmatic roadmap, and translate it into initiatives that protect our operations while supporting innovation. You’ll partner closely with technology and business leaders in Australia and North America and build a high performing team focused on data and AI security outcomes. 

Day-to-day, you will:  

• Develop and execute a strategic AI and data security roadmap aligned to business objectives and risk appetite, turning it into tangible programs and projects  

• Design and implement data and AI security solutions and processes with a high degree of automation, embedding AI practices into cyber operations, services, delivery and governance.  

• Provide expert insights, risk assessments and recommendations to senior leadership and governance forums; regularly brief the CTO and GMs on progress and emerging threats.  

• Act as a key SME and enabler for AI and Data Security across Australia and North America to ensure consistent, effective practices.  

• Lead, mentor and develop team members (including the Data Security Lead), setting clear priorities, operating rhythms and a culture of continuous improvement  

• Manage strategic vendor and partner relationships, including contract negotiations and oversight of service delivery against Transurban’s security standards. 

This role will suit someone with a curious mind and transferrable skills and experiences, including:  

• Deep expertise in AI security/governance (e.g., NIST AI RMF) and data protection (classification, DLP, encryption, access management, incident response).  

• 10+ years in cyber security with 5+ years in senior leadership roles, with strength in stakeholder leadership, strategy and governance in complex enterprises  

• Exceptional communication skills to simplify complex technical and risk concepts for executive and nontechnical audiences.  

• Relevant qualifications (IT/CS/Cyber) and desirable certifications (e.g., CISSP, CISM, CISA, CDPSE), plus working knowledge of privacy regulations and industry standards (Australian Privacy Act, ISO 27001, NIST CSF).  

If you meet some of these requirements, but not all, we encourage you to submit your application.