Cyber Security Analyst (GRC)

Help strengthen the Department’s cyber security posture by supporting the development and maintenance of a robust information and cyber security governance, risk and compliance framework. In this role, you will assist in enhancing the ISMS, monitoring cyber risks, and ensuring alignment with Queensland Government policies and standards. You’ll work closely with the Cyber Security Manager and broader team to support compliance, risk assessment activities, audit preparation and incident response.

If you're looking to grow your skills in cyber governance and contribute to protecting critical information assets, this role offers an excellent opportunity to learn, collaborate and make a meaningful impact.

This role plays an important part in supporting and maintaining a strong governance, risk and compliance framework that underpins the Department's Information Security Management System (ISMS) and overall cyber security posture. It contributes to the early identification, assessment and management of cyber risks, helping the Department remain resilient against evolving threats while meeting Queensland Government requirements.

In this position, you will assist in developing, enhancing and maintaining ISMS and cyber governance processes, ensuring they remain effective, contemporary and aligned with strategic objectives. You will support the assessment and monitoring of cyber security risks, contributing to risk treatment planning, reviewing mitigation strategies, reporting and helping maintain visibility over security performance.

A key part of the role is contributing to the Department's compliance obligations under the Information and Cyber Security Policy (IS18), the Queensland Government Enterprise Architecture (QGEA) frameworks, and relevant legislation and standards. You will help prepare evidence, maintain registers and support reporting activities to demonstrate ongoing compliance.

You will work closely with the Cyber Security Manager and the broader Cyber and Architecture Services team to maintain security tools, systems and dashboards, monitor for anomalies or suspicious activity, and produce clear and informative reports as required. You will also assist in collating and developing material to support internal and external ISMS and cyber security audits, contributing to improvement actions and continual uplift.

The role includes supporting technical working groups and advisory forums, helping ensure consistent governance practices and shared understanding across stakeholders. You will help promote cyber security awareness, contributing to education activities and reinforcing good security behaviours across the Department. You may also assist in responding to security incidents to help minimise operational impacts, escalating issues appropriately and supporting resolution activities.

As a member of the Cyber and Architecture Services team, you are expected to model and promote a safe, respectful and inclusive workplace environment, free from bullying, discrimination and harassment.

To Be Successful In This Role, You Will Bring

• A foundational understanding of information and cyber security governance, risk and compliance.
• Knowledge of ISMS principles, cyber frameworks or relevant standards (e.g., IS18, ISO27001:2022, QGEA).
• Strong analytical skills and the ability to interpret information to identify trends or risks.
• Good communication and teamwork capabilities, with a willingness to learn and collaborate.
• An interest in contributing to a culture of continuous improvement in cyber security.
  
  
  

This is an excellent role for someone looking to build capability in cyber governance and risk while contributing to the protection of critical information assets across the Department.

Applications to remain current for 12 months.

Occupational group IT & Telecommunications