Smart Device Security Lead (Security Labelling Scheme)

• Remote part-time role
• 3 days per week
• Be part of a nationally significant multi-stakeholder project
• Follow the application process provided at the end of the advertisement

Connected Technology Alliance (formerly IoT Alliance Australia) is seeking a Smart Device Security Lead to support the Project Manager in the running and delivery of an exciting and complex multi-stakeholder project.

The Alliance has been contracted by the Department of Home Affairs to co-design and implement an internationally aligned industry-led voluntary labelling scheme for consumer-grade smart devices.

Key outcomes of the project are to enable consumers to make informed decisions about the level of security when purchasing smart devices and to promote greater adoption of security features by manufacturers.

Key deliverables will be the governance and business model of the scheme, the operational model and processes for label issuance and maintenance, label design, consumer consultation and awareness, smart product manufacturer and supplier onboarding and supporting during the scheme pilot phase and a public launch.

High-level scheme design was completed in December 2025. In 2026, the scheme moved into the co-development and pilot phases, prior to planned scheme launch in March 2027.

This role is part of a small skilled team responsible for delivering a ready to launch security labelling scheme.

About Connected Technology Alliance

The Connected Technology Alliance is the peak body for connected digital technologies in Australia. A non-profit industry association, we formed as IoT Alliance Australia in 2016 to build a better society and economy through trusted, connected digital technologies and data.

What you’ll be working on

Reporting to the Program Manager, the Smart Device Security Lead (Security Labelling Scheme) will:

• Build knowledge and assist in the development of documentation during the compliance and certification co-development phase relevant to the Scheme security levels; test procedures and evidence required for certification; connected product scope definitions; and product category protection profiles

• Support and be the primary interface for liaison with manufacturers and suppliers of connected products and test laboratories in preparation for and during the pilot

• Establish good relations and work with key security stakeholders across government and industry including testing laboratories and accreditation agencies to ensure testing methods and their practical application are well understood and normalised

• Support alignment with international operators of security labelling schemes, e.g. members of the Global Cybersecurity Labelling Initiative

• Keep abreast of the development of relevant international security standards required to support the scheme and its evolution.

Selection criteria

The Smart device security lead requires skills at the intersection of cybersecurity, consumer electronics and regulatory compliance. The role requires both technical depth and an understanding of emerging security standards for consumer IoT devices.

1. At least 5 years of experience in the application of cyber security controls, frameworks and risk management
2. Strong understanding of embedded systems, firmware and related application software
3. Understanding and familiarity with IoT security standards, risks and issues
4. Industry standard cyber security credentials – e.g. CISSP, CISM, CISA, CGEIT, CRISC, Security+, SecurityX, CySA+
5. Excellent oral and written business communication skills, document writing and interpersonal skills
6. Ability to problem solve in a fast-changing environment
7. Exceptional stakeholder management skills with the ability to work collaboratively with multidisciplinary and diverse teams
8. Ability to travel interstate to attend meetings and events.

Highly Desirable

• Security testing and analysis experience
• Experience with consumer device design, manufacturing and certification
• Experience with regulations and working across diverse stakeholders

Please note: you must be based in Australia with unrestricted work rights. Visa sponsorship is not available for this appointment.

Remuneration

You will be employed as a 3 days per week, fixed term, part time employee until 31 March 2027. As such you will have the requisite paid leave entitlements.

Your renumeration will be pro-rata $140,000 per year plus superannuation, paid fortnightly.

We will pay employer superannuation contributions into the superannuation fund that you nominate to us, as provided for by Commonwealth legislation. These contributions are currently set at 12 per cent of your salary from 1 July 2025.

Reimbursement of expenses

Expenses in relation to performing this role will be reimbursed upon presentation of tax receipts.

Diversity and inclusion

The Alliance is an equal opportunity employer and strives to provide an inclusive and welcoming environment, and applicants who belong to traditionally underrepresented groups are strongly encouraged to apply. If you feel comfortable doing so, please feel free to note which pronouns you use in your application.

How to apply

Please email your application to frank.zeichner@iot.org.au

Your application must include the following:

• CV
• Statement addressing the selection criteria (no more than 1000 words)

Closing date for applications is Friday 1 May 2026.

 Visit us at connectedtechnologyalliance.com.au