Ship Systems Security Officer

Civmec is an Australian-owned, integrated, multidisciplinary heavy engineering and construction services provider to the energy, resources, infrastructure, marine and defence sectors. Our diversification enables us to operate extensively across the nation, supporting a wide range of landmark projects and providing variety and career development opportunities for our workforce.

The Export Controls and Security Officer is responsible for Civmec Defence Industries (CDI) security and export controls program across Defence projects. The role ensures controlled equipment, materials, and data are handled in line with legal, contractual, and Defence requirements, embedding security risk management across shipbuilding and related operations with fit-for-purpose security plans.

• Set security requirements for projects and facilities and embed them in processes and plans. Maintain and update security risk management plans, assessments, and registers
• Oversee controls for receipt, storage, movement, installation, and access to export-controlled and classified material. Maintain licences, agreements, re-transfer conditions, access logs, and usage evidence.
• Create security plans for operational activities, movements, and events, including VIP and public engagements.
• Coordinate personnel security, including clearances, inductions, briefings, debriefs, need-to-know, visitor and escort controls, and privileged access approvals.
• Maintain, accredit and evidence physical Security Zones in line with ASIO T4 Technical Notes and the PSPF PSZ guidelines, using SCEC-endorsed construction and equipment.
• Engage and direct security contractors and integrators with clear scopes. Verify outcomes meet compliance with DISP, PSPF, DSPF, ISM, and export control obligations where applicable.
• Initiate and coordinate incident response and investigations. Capture evidence, manage notifications, drive corrective actions, and record lessons learned.
• Plan and run internal reviews and audit readiness checks for DISP and customer audits.
• Set and maintain policies, standards, and work instructions for security and export controls.
• Embed security and export control terms in contracts with Commercial, Legal, and Procurement teams.
• Liaise with Defence, port authorities, OEMs, and partners where required.
• Develop and deliver export control, insider threat, and security awareness training, ensuring personnel understand compliance obligations.
• Maintain accurate registers, risk management and security assessments/plans, and evidence of compliance to support audits and reporting obligations.
• Collaborate with IT and Cyber Security teams where required for digital access controls and monitoring.
• Exercise decision making within agreed thresholds and elevate when required. Act as delegate for the Security Manager when needed.
• Drive continuous improvement of security capability, export control and DISP alignment.

• Drive continuous improvement of security capability, export control and DISP alignment.
• International Trade Advisors Certified Australian Export Control Officer (ECO) – or equivalent.
• DSVS Security Officer Certification.
• Must be able to meet the AGSVA eligibility requirements for NV1 clearance.
• Tertiary qualification in Risk Management or Governance.

• Managing export control compliance programs, including ITAR, EAR, and Defence Trade Controls Act (DTCA).
• Working with Defence Export Controls (DEC) processes and liaising with the Department of Defence on export authorisations, TAAs, MLAs, and permits.
• Administering access control programs for export-controlled technical data (physical and digital).
• Maintaining and auditing Security Risk Management Plans (SRMPs) and Zone Certification documentation under PSPF and DISP frameworks.
• Supporting or conducting internal and external compliance audits (Defence or DISP-related).
• Coordinating training and awareness programs on export control and security obligations.
• Managing data segregation, user access, and controlled information handling in ICT systems.
• Supporting governance, risk, and compliance activities across DSPF/PSPF/DISP domains.
• Collaborating with…