Cyber Security Analyst

About the Role

We are seeking a skilled Vulnerability Management Analyst with hands-on experience in Rapid7 to join our growing cybersecurity team. You will play a key role in identifying, validating, and coordinating the remediation of vulnerabilities across enterprise environments, ensuring alignment with best practices such as the Essential Eight.

Location: Sydney / Newcastle

Day-to-Day Responsibilities Include:

• Conducting regular vulnerability scans and assessments using Rapid7 across on-prem and cloud environments.
• Performing manual validation and analysis of vulnerabilities to reduce false positives.
• Collaborating with IT and development teams to prioritise and track remediation.
• Creating and managing tickets in ServiceNow (or similar platforms) to ensure remediation workflows are followed.
• Assisting in the development of vulnerability management procedures, reporting, and metrics.
• Staying informed on emerging threats and mitigation strategies.
• Supporting compliance with security frameworks like the Essential Eight or CIS Controls.

Key Skills & Experience:

• 1–3 years of hands-on experience with Rapid7 (InsightVM or Nexpose).
• Basic understanding of vulnerability scoring (e.g., CVSS).
• Experience with ticketing tools such as ServiceNow (preferred).
• Exposure to ELK Stack or other SIEM tools (preferred).
• Strong collaboration and communication skills to engage with technical and non-technical stakeholders.
• Familiarity with IRAP standard, Essential Eight, CIS Controls, or CompTIA Security+ knowledge (preferred).
• Scripting or automation knowledge (e.g., Python, PowerShell) is a bonus.

Preferred Qualifications:

• Tertiary qualifications in Cybersecurity, IT, or a related field (or equivalent experience).
• CompTIA Security+ or similar entry-level certification (preferred).

Other Requirements:

• Strong attention to detail, problem-solving ability, and a proactive mindset.