Lead Cybersecurity Analyst

A major Australian Government agency is seeking a Lead Cybersecurity Analyst to strengthen its Cybersecurity function and uplift its governance, risk, and assurance capability.

You’ll join a mature, well-structured Cyber team with strong foundations already in place, stepping into a role that has been carefully developed over recent years. This is a chance to influence enterprise-level security posture, guide stakeholders, and support the agency’s ongoing compliance with PSPF, ISM, and Essential Eight requirements.

If you’re a seasoned GRC professional who enjoys shaping policy, advising on risk, and embedding best-practice security across an organisation, this is a high-impact contract worth your attention.

Key Responsibilities

• Evaluate compliance against PSPF, ISM, and ACSC Essential Eight frameworks.
  
  
• Provide expert advice on security controls, policies, and procedures.
  
  
• Conduct periodic cyber risk assessments up to the Protected classification level.
  
  
• Collaborate with architecture and business teams to support the Cyber Work Plan and Technology Strategy.
  
  
• Lead or contribute to internal audits, including planning, execution, and reporting.
  
  
• Analyse changes in legislation/regulation and advise on organisational impacts.
  
  
• Develop, uplift, and maintain Information Security governance processes.
  
  
• Contribute to the corporate Information Security strategy with minimal supervision.
  
  
• Update and refine security policies, standards, and operating procedures.
  
  
• Mentor team members and support knowledge-sharing across the Cyber function.
  
  

What You Bring

• Experience at EL1-equivalent level, or SFIA 4/5 capability.
  
  
• Strong background in Cyber Governance, Risk & Compliance.
  
  
• Demonstrated experience with PSPF, ISM, and Essential Eight.
  
  
• Ability to provide authoritative security advice to technical and non-technical stakeholders.
  
  
• Experience developing or reviewing security policies, standards, and risk management plans.
  
  
• Ability to work independently while contributing to a collaborative team environment.
  
  
• Excellent communication, stakeholder engagement, and documentation skills.
  
  

Highly Desirable

• CISSP, CISM, or equivalent certifications.
  
  
• Experience with IRAP, Essential Eight assessments, or security auditing.
  
  
• Prior government experience and familiarity with APS Code of Conduct expectations.
  
  

You’ll be joining a federal agency with a clear mandate to protect Australian workplaces and ensure compliance with national standards. The Cyber team plays a critical role in safeguarding systems, data, and operations, and your expertise will directly influence the agency’s security posture and strategic uplift.


We are an inclusive employer committed to fostering a diverse and accessible workplace. We encourage applications from Aboriginal and Torres Strait Islander peoples, people with disabilities, LGBTQIA+ individuals, people of all ages, and those from culturally and linguistically diverse backgrounds.