Careers at AICS
Build your career at Australia’s professional institute for cyber security. Roles in education, accreditation, advocacy and operations support our mission to lift the standard of cyber security practice.
Careers at AICS
AICS is the professional institute for cyber security professionals in Australia. Supporting individuals at every stage of their career is central to our mission, from those just exploring the possibility of a career change to mid-career practitioners seeking professional recognition or advancement, and to senior leaders shaping the future of the profession. We host Career Days throughout the year, publish regular career guidance and workforce analysis, and actively connect job seekers with employers across government, financial services, healthcare, defence, and the broader private sector. For information on job listings and posting opportunities, contact us at [email protected].
Is cyber security the right profession for you?
A career in cyber security suits people who are curious, methodical, and comfortable working under pressure. The profession rewards those who can think like an attacker while building defences, who manage complexity and ambiguity well, and who understand that protecting systems requires both technical precision and sound judgement. It is not exclusively a technical discipline. Many of the most important roles in the field require legal, governance, risk management, or communications skills as much as they require coding or networking knowledge, and the profession actively needs people who can bridge the gap between technical security teams and the broader organisations they serve.
Most people who enter cyber security come from an IT background, whether through experience in networking, systems administration, software development, or IT support roles. That grounding matters because security professionals need to understand what they are protecting before they can protect it effectively. At the same time, the profession is actively seeking people from adjacent disciplines including law, accounting, project management, and defence to fill growing demand for governance, compliance, and risk management roles. A cyber security career typically begins with a solid grounding in information technology, but it does not require a computer science degree. Structured training, recognised credentials, and practical experience are the currency of hiring decisions across the sector.
Why the profession matters
The work cyber security professionals do has real consequences for real people. Every successful attack on a healthcare system puts patient records at risk and can disrupt the delivery of care. Every ransomware incident affecting a business may cost jobs, destroy years of accumulated data, and cause months of operational disruption. Every compromise of a government system may expose confidential information about citizens, undermine the integrity of public services, or damage the relationships of trust that democratic institutions depend on. The digital systems that underpin modern Australian life, including banking, utilities, telecommunications, transport, healthcare, and the machinery of government, are sustained by the ongoing work of security professionals who monitor, defend, and continuously improve those systems against adversaries who are persistent, organised, and well-resourced.
Cyber security also carries national significance that extends beyond individual organisations. The integrity of elections, the security of defence capability, the reliability of critical infrastructure, and the economic resilience of the country all depend on the quality and depth of the security profession. Attacks on Australian organisations by nation-state actors and sophisticated criminal groups are not hypothetical: they are documented, ongoing, and consequential. The professionals who counter those threats do work that matters in a direct and immediate way. For anyone looking for a career where the outcomes are tangible and where technical skill translates into genuine protection for the people and systems that others depend on, cyber security is a compelling choice.
Where cyber security professionals work
Cyber security professionals work across almost every sector of the Australian economy. The Commonwealth government and the Australian Defence Force represent the largest single employer of dedicated security professionals, with particularly high concentrations in Canberra. Roles in this sector frequently require an Australian Government security clearance at Baseline, NV1, or NV2 level, and they tend to offer both competitive salaries and meaningful national security work. Financial services, including the major banks, insurance companies, and superannuation funds, is the second largest sector, driven by regulatory requirements under APRA’s CPS 234 standard and the sustained threat environment facing financial infrastructure. Healthcare, critical infrastructure, telecommunications, and utilities are all growth areas as these sectors digitise and face increasing regulatory scrutiny. Managed security service providers have also expanded significantly as smaller and mid-sized organisations outsource security operations to specialist providers, creating strong demand for SOC analysts and security engineers with broad platform experience.
What skills do you need?
Technical skills that Australian employers consistently seek include networking fundamentals covering TCP/IP, firewalls, and routing; operating systems knowledge across Windows Server and Linux; identity and access management; cloud platform familiarity across AWS, Azure, and GCP; scripting and automation capability in Python and PowerShell; and experience with security tooling including SIEM platforms, vulnerability scanners, and endpoint detection and response products. Non-technical skills that distinguish strong cyber professionals include the ability to communicate risk clearly to non-technical stakeholders, attention to detail, structured problem-solving under pressure, and resilience in a field where the adversary never stops. Familiarity with the Australian Government’s Essential Eight mitigation strategies, the ACSC Information Security Manual (ISM), the NIST Cybersecurity Framework, and ISO/IEC 27001 is expected in most professional roles and is essential in government and regulated industry positions.
What you can expect to earn
Cyber security is consistently among the highest-paying technical disciplines in Australia. Entry-level roles in security operations and analysis start from around $65,000 to $85,000 per year. Mid-career professionals with five to eight years of experience typically earn between $110,000 and $160,000. Senior architects, senior consultants, and security managers earn $160,000 to $200,000, and executive roles such as CISO command $200,000 to $350,000 or more. The spread across specialisations is significant: penetration testers with in-demand offensive skills often earn more than equivalently experienced analysts, while GRC specialists in highly regulated sectors such as banking and superannuation attract a premium due to the compliance obligations their employers face. Canberra roles attract the highest average salaries due to government and defence concentration, and positions requiring a security clearance typically carry a salary premium of 10 to 20 per cent above equivalent uncleared roles.
Getting qualified
Formal qualifications are a recognised signal of competence and are often required or preferred in job advertisements across the sector. For those entering from an IT background, CompTIA Security+ is the most widely accepted entry-level credential. The CISSP from ISC2 is the benchmark qualification for experienced practitioners and is required or preferred in most senior Australian roles. The CISM and CISA from ISACA are valued in governance and audit functions, while the Offensive Security Certified Professional (OSCP) is the most respected hands-on credential for penetration testers. For cloud security, AWS and Microsoft vendor certifications carry weight with employers. AICS offers training courses including the Foundations of Cyber Security and the Cyber Security Accreditation Course that are mapped to industry frameworks and designed to build the practical skills Australian employers look for. AICS membership also connects you with a professional community, industry resources, and a recognised standing within the Australian cyber security sector.
How AICS supports your career
AICS provides structured support to cyber security professionals at every career stage. Our training and accreditation pathways are designed to map directly to the skills frameworks and certification requirements that govern hiring decisions across the Australian market. AICS membership connects you with a professional network, access to industry resources, and a recognised professional standing within the community. The AICS Career Hub is the dedicated online resource for job listings, career advice, employer connections, and guidance on building a competitive profile. For those already established in the field, AICS Fellowship recognises sustained contribution to the profession at its highest level. Career Days held throughout the year bring together employers and candidates for direct engagement across all disciplines and experience levels. If you are considering a career in cyber security, changing direction within the field, or looking to hire the right person for your organisation, contact the AICS team at [email protected].
