GRC Analyst

Step into a role where your governance craft actually shapes secure government outcomes. We’re looking for a Mid?Level GRC Consultant with an active NV1 who can own and uplift security documentation, drive assurance activities, and support end?to?end Authority to Operate (ATO) processes across major Federal Government programs.

What you’ll be doing

• Developing and maintaining System Security Plans (SSPs), IRAP?aligned artefacts, and compliance documentation
  
  
• Supporting ATO packages, risk assessments, control validation, and evidence gathering
  
  
• Working directly with program leads, architects, and SMEs to embed secure?by?design practices
  
  
• Contributing to governance uplift, policy refinement, and ongoing assurance cycles
  
  
• Translating technical detail into clear, defensible security documentation for senior stakeholders
  
  

What you bring

• Active NV1 security clearance
  
  
• 3–5 years in GRC, assurance, or cyber governance roles
  
  
• Strong understanding of ISM, PSPF, Essential Eight, and government security frameworks
  
  
• Experience preparing SSPs, risk registers, and audit?ready artefacts
  
  
• Confidence engaging with technical and non?technical stakeholders in complex environments
  
  

Why this role matters You’ll be the connective tissue between governance, engineering, and program delivery — ensuring systems meet accreditation requirements and stay defensible in a high?stakes environment.


We are an inclusive employer committed to fostering a diverse and accessible workplace. We encourage applications from Aboriginal and Torres Strait Islander peoples, people with disabilities, LGBTQIA+ individuals, people of all ages, and those from culturally and linguistically diverse backgrounds.