Cyber Security Analyst

Suburban Rail Loop (SRL) is an integrated transport infrastructure and precincts planning project that will deliver a 90km rail line linking every major train service from the Frankston Line to the Werribee Line via Melbourne Airport, as well as investment in the suburbs, better connecting Victorians to jobs, retail, education, health services and each other. Suburban Rail Loop Authority (SRLA) is the statutory body established to plan all elements of the project, procure builders, develop structure planning for SRL Precincts and oversee construction and the other changes that will help transform Melbourne and Victoria. SRL is more than a rail project. It's a once-in-a-generation opportunity to plan for and prepare our city and state to meet the needs of future Victorians, and we can't do it alone. We are on the lookout for people with drive, expertise, fresh ideas and new perspectives to deliver Victoria's biggest ever infrastructure project. You will be part of history in the making, and while we're at it, we will be shaping your future too. About the opportunity Reporting to the Cyber Security Manager, you will play a pivotal role in : Conducting regular security assessments to identify vulnerabilities and risks for systems and services, including performing security risks assessments for all third‑party vendors, suppliers and partners to ensure compliance with security requirements and standards, and coordinating penetration testing, vulnerability scanning and security audits across the organisation’s infrastructure Contributing to the development and maintenance of security documentation, such as policies, procedures and guidelines, to ensure the effective management of security risks in the organisation, including documenting security controls and security risk assessments in line with the Victorian Protection Data Security Framework Contributing to the development of cybersecurity awareness training program to actively uplift the organisation’s security awareness and culture, preparing, reviewing and disseminating education and awareness content, including contributions to news articles and presentations, and developing and maintaining the internal cybersecurity intranet content Maintaining Identity and Access Management compliance with industry regulations, legislative requirements, policies and standards, ensuring digital identity and access lifecycle aligns with the IAM standard and seeking opportunities to improve IAM capability, building and maintaining operational reports that track the effectiveness of IAM controls, and managing the User Access Reviews Collaborating with project stakeholders, including developers, project managers and business users, to ensure the security requirements are met, providing guidance on security best practices and communicating security risks and issues Staying up to date on security trends and emerging threats to ensure the security of the Suburban Rail Loop is maintained, researching new security technologies and techniques, attending training sessions and participating in security forums and conferences This is an ongoing, full‑time role. You will work in a hybrid work model with access to a range of flexible working arrangements. About you Well‑developed written and verbal communication, negotiation, influencing and interpersonal skills Ability to work independently or as a collaborative team member, and inclusively build effective relationships and contribute towards a positive team environment Demonstrate a commitment to continuous learning and staying updated on the latest trends and practices in cyber security Knowledge of contemporary cyber security practices, standards, frameworks and the threat landscape in a large complex organisation. Knowledge and experience in the identification and management of information technology risks and security vulnerabilities in a complex and varied ICT security environment Experience in information security audit, assurance and compliance, identity and access management principles, System and Organization Controls (SOC) 2 and cloud compliance standards as well as coordinating penetration testing and vulnerability scans Experience in the design, development and delivery of training and awareness materials utilising various tools and techniques Strong technical skills in network security, application security, cloud security, encryption technologies and security tools and technologies Knowledge of Australian Cyber Security Centre Essential Eight, MITRE Adversarial Tactics, Techniques and Common Knowledge (ATT&CK) Framework, National Institute of Standards and Technology Cybersecurity Framework, ISO 27000 and / or Control Objectives for Information Technologies (COBIT) 5 A recognised tertiary qualification in Information Technology, Cyber Security or a cognate discipline Why join us Generous leave entitlements An emphasis on work‑life balance High‑performing team environment Equal opportunity employer Personal and professional development opportunities Committed to safety and wellbeing Training and development opportunities Our People Strategy and Gender Equality Action Plan are designed to enhance diversity in our workplace through targeted attraction strategies. If you have any questions related to recruitment, please feel free to reach out to the recruitment adviser or hiring manager mentioned in the position description. For individuals with disabilities requiring adjustments during the recruitment process, our Inclusion team is here to provide support. The inclusion mailbox () is specifically for those seeking further information about targeted recruitment strategies and for individuals with disabilities requiring adjustments. Please contact us, and we will ensure your needs are met during the application and recruitment process. SRLA is committed to providing a working environment which is safe and without risk to the health of its employees and partners consistent with its obligations under the Occupational Health and Safety Act 2004 (OH&S Act). To support this, SRLA recommends that all employees be fully vaccinated. How to apply Please click Apply Now to submit your application online. Please include a resume and a one‑page cover letter. We want to know why you want to work for the Suburban Rail Loop Authority, why you are interested in the role, and taking into account the key selection criteria as a whole, how your skills, knowledge, experience and qualifications are applicable to the role. Please note that appointment of successful applicants will be made subject to a satisfactory pre‑employment screening check. Applications close Australian Eastern Standard Time 11 : 59pm Monday 26 August 2024 #J-18808-Ljbffr