_{25th March, 2026}

Principal Cyber Security Analyst (2 Positions)

Location: Canberra preferred (Australia-wide considered) 
Contract: Initial to 30 June 2027 + 12-month extension
Security Clearance: Must be able to obtain NV1

About the Role
We are seeking experienced Principal Cyber Security Analysts to support a Cyber Governance, Risk and Assurance function within a large federal government environment.

While Canberra-based candidates are strongly preferred, high-quality candidates from other locations across Australia will be considered. Travel to Canberra may be required.

This role sits within a high-performing cyber security team responsible for ensuring systems, data, and digital services are secure, compliant, and aligned with Australian Government standards. You will play a key role in strengthening security posture through governance, risk management, assurance activities, and policy uplift initiatives.

Key Responsibilities

Security Governance & Compliance

• Align security practices with PSPF, ISM, Essential Eight, and industry best practice
• Support IRAP preparation and accreditation activities
• Review and endorse security designs against established baselines

Cyber Risk & Assurance

• Identify, assess, and manage cyber security risks
• Provide assurance for cloud and ICT project delivery
• Conduct security assessments of systems and vendor solutions

Documentation & Reporting

• Develop high-quality security documentation (risk assessments, SSPs, reports)
• Deliver regular reporting on risk posture, compliance, and control effectiveness
• Provide clear, actionable insights to senior stakeholders

Stakeholder Engagement

• Provide expert cyber security advice across technical and business teams
• Build strong relationships with internal stakeholders and external vendors
• Mentor and support junior cyber security staff

Vendor & Third-Party Risk

• Lead security engagement with vendors and service providers
• Assess third-party security risks and ensure compliance with requirements
• Review deliverables and manage security obligations

Policy & Continuous Improvement

• Lead uplift of cyber security policies, standards, and procedures
• Identify gaps and recommend risk-based improvements
• Monitor emerging threats and strengthen security posture

Key Requirements

• Demonstrated experience in cyber security governance, risk, and assurance
• Strong knowledge of PSPF, ISM, Essential Eight, and Australian Government frameworks
• Experience in system accreditation, IRAP preparation, or compliance activities
• Ability to produce high-quality documentation and executive reporting
• Strong stakeholder engagement and communication skills
• Experience working in large or complex organisations

Desirable:

• Relevant certifications (CISSP, CISM, CISA, Security+, SABSA, GIAC, SANS, etc.)
• Experience in Australian Government environments

Apply For Job