Cyber GRC Analyst

HorizonOne are excited to be partnering with Icon Water to recruit new team members into their Digital Technology Group.

About Icon Water

Wholly owned by the ACT Government, Icon Water has delivered essential services to Canberra for over 100 years. While primarily a water and sewerage provider, it also invests in electricity and gas through private partnerships, operating across both government and commercial sectors.

Icon Water is focused on sustainability, playing a key role in addressing climate change, protecting the environment, and achieving net zero emissions by 2045.

Serving approximately 190,000 customers, the business manages over $3.2 billion in assets, including dams, treatment plants, reservoirs, and networks of mains and pumps, and generates around $490 million in annual revenue.

The Opportunity

Icon Water is progressing through a significant digital and data transformation, making this a highly impactful time to join. This is a high-impact Cyber GRC Analyst role where your insights and work will influence strategic risk decisions, operational maturity, and critical infrastructure protection.

You will report to the Cyber GRC Lead and Manager, who regularly present to senior executive committees. This is a unique Canberra-based opportunity to build influence and capability in a values-driven environment, where you can see the real impact on the community.

Please view the candidate information page for this role here: bit.ly/H1DTGrecruitment

The Role

Working across both cyber strategy and hands-on GRC execution, key responsibilities include:

• Maintain cyber risk management processes
• Translate policy frameworks (e.g. ISM, NIST, PSPF) into real-world implementation
• Prepare and present reports to Risk & Assurance Committee every six weeks
• Uplift compliance and maturity through structured improvement programs
• Support internal audits, risk reviews, and framework alignment
• Contribute to cyber awareness, training, and business engagement initiatives
• Work closely with IT, OT and business teams to build a holistic cyber capability
• Track incidents, exceptions, and risk mitigations with high attention to detail

The Ideal Person

You’re a confident and structured communicator with 5+ years’ experience in Cyber GRC, risk, or assurance, bringing strong knowledge of the ISM and cyber maturity models, as well as the ability to build trust across IT, business, and executive teams.

You have a calm, curious, and empathetic approach to stakeholder engagement, ideally with experience in critical infrastructure and certifications such as CISSP, CISM, or CRISC. An understanding of utilities, energy, or other critical infrastructure environments is highly regarded.

Salary / Rate

The salary band starts at $147,800 + 15% Super. Flexible depending on experience.

In addition to an attractive remunerartion package, Icon Water offer great employee benefits including:

• Flexible working arrangements
• Career development opportunities
• Health and wellbeing contributions
• Salary sacrifice options

How to Apply

• Applications close Sunday 8th February 2026 11:59pm (AEDT).
• Early applications are encouraged, as we will review them as they are received.
• Alternatively, for a confidential discussion, please contact Prajj K C on 02 6108 4878 quoting ref no 21266

HorizonOne is committed to building a diverse and inclusive workforce and we encourage applications from people of all cultures, capabilities and backgrounds.