Cyber Security Risk Analyst - Burwood East, Australia - Country Fire Authority

    Country Fire Authority
    Country Fire Authority Burwood East, Australia

    3 weeks ago

    Default job background
    Fixed term - Full time
    Description

    About this role

  • Located at CFA Headquarters, Burwood East
  • Fixed Term, Full time 2 years
  • PTA 5 $, pa (plus 11% superannuation)

    • The CFA are proud of the work we do, protecting lives and property, 24 hours a day, 7 days a week.

    With over 51, volunteers CFA strives to be an organisation of choice for volunteers and employees. We, embrace individuals with diverse skills, experience and backgrounds, recognising the unique value they bring to CFA.

    Want to read more about the Country Fire Authority (CFA) click .

    About the Role

    The CFA has a 2-year fixed-term project role with a focus on uplifting CFA's cyber security Governance, Risk and Policy frameworks and strategies. The Cyber Security Risk Analyst has a critical role to play at CFA to maintain the integrity, confidentiality, and availability of CFA's information assets while ensuring compliance with regulatory requirements and industry best practices.

    Forming part of the Cyber Security team and working with stakeholders across the CFA to achieve the organisations cyber security objectives and practices, the role aims to develop and enforce relevant security policies, contributing directly to minimising security risks.

    Key responsibilities of the role will include the following:

    • Lead the implementation and management of Governance, Risk and Compliance frameworks at CFA, focusing on Microsoft Purview for data governance, protection, and compliance.
    • Ensure compliance with standards and regulations, develop and deliver regular GRC reports, apply Governance, Risk and Compliance principles to digital identity management, and update security policies.
    • Implement a protective markings system for sensitive information.
    • Develop and deliver training programs on compliance policies and data protection best practices.
    • Conduct third-party risk assessments and support business impact assessments. Assist in developing and maintaining business continuity and disaster recovery plans. Build stakeholder confidence in the organisation's security program.

    About You

    Our ideal candidate will be able to demonstrate the following;

    • Tertiary qualifications in Information Technology, Cybersecurity, Law, Business Administration, or a related field, and familiarity with frameworks such as MITRE ATT&CK, OWASP Top Ten, and NIST Cybersecurity Framework is preferred.
    • Proven track record of supporting Business Impact Analyses, developing Business Continuity Plans, and Disaster Recovery Plans.
    • Previous experience in a GRC-focused role within an IT or cybersecurity context, with demonstrated success in developing and implementing GRC frameworks and compliance strategies.
    • Strong skills in writing clear, actionable, and comprehensive security policies, particularly those focusing on identity management.
    • Highly developed skills in written communication, inter-personal interactions, and an ability to develop effective relationships and influence key stakeholders.

    Why choose CFA

    • Meaningful Purpose: Your contribution truly makes a difference
    • Work-Life Balance: Paid parental leave, generous leave provisions
    • Growth Opportunities: Learning and development
    • Flexibility: Hybrid work options with flexible work arrangements
    • Discounts: Emergency Memberlink discounts on various services
    • Wellbeing Focus: Healthy for Life programs, flu vaccinations
    • Member Assistance Program: Access support across 8 service pathways

    Your Application

    Click the 'apply' button to access our online application form. Here you will be asked to provide personal and contact details and respond to employment-related questions.

    When applying for a position with CFA, please submit a cover letter and resume that demonstrates your qualifications, experience, key attributes and skills required for the position.

    Pre-employment Checks

    Offers of employment will only be made to candidates who:

    • Successfully complete a National Police History Check, Working Rights Check and hold a valid Working with Children Check.

    CFA is committed to creating and maintaining a diverse, inclusive, and safe volunteer and work environment. Our aim is to have a volunteer and paid workforce that reflects the community it serves. First Nations people, women, people of all ages, with disabilities and culturally and linguistically diverse people are encouraged to apply.

    Applications close: 11:59pm 30 th April

    If at any stage of the recruitment and selection process you require an alternative format to the application material or reasonable adjustment to the interview arrangements, please don't hesitate to contact the person listed on the ad or alternatively, email

    The Country Fire Authority (CFA) values your privacy. We will use the information you provide when you are applying for employment with us for the purpose of recruitment, selection, evaluation and appointment and to report on anonymised key metrics (e.g. diversity). The information we collect will be handled in accordance with privacy laws, including the Privacy and Data Protection Act . You can view our Privacy Statement