Job no: 531777
Work type: Full Time
Location: Sydney, NSW

Categories: Information Technology, Cyber

• Employment Type: Cyber Security, Governance and Risk Analyst, continuing role
• Starting salary $110,073 plus generous super and leave loading
• Location: UNSW Kensington Campus (Hybrid Working Opportunities)

SKILLS AND EXPERIENCE:

• A minimum of 2-3 years of experience in cyber security governance, compliance, risk management or cyber security operations within major organisations.
• Sound understanding of control assurance testing / auditing as well as identity and access management principles.
• Well-developed knowledge of cybersecurity principles and practices.
• Ability to present with credibility and translate technical and complex information concisely for diverse audiences using strong analytical and problem-solving skills.
• Strong negotiation and influencing skills to effectively manage key stakeholders, build robust relationships and work with a diverse set of business and technology people across the university and third-party vendors.
• Experience with industry-wide security standards and compliance frameworks such as ISO/IEC 27001, NIST CSF, COBIT 5 etc.
• Relevant industry certification(s) such as CSX, CRISC, CISA, CISSP, ISO/IEC 27001 Lead Implementer/Auditor, AWS, Google, Microsoft Technology (highly desirable).
• Demonstrated high level of personal motivation, resilience, and ability to work effectively individually or in teams.
• An understanding of and commitment to UNSW’s aims, objectives and values in action, together with relevant policies and guidelines.
• Knowledge of health & safety (psychosocial and physical) responsibilities and commitment to attending relevant health and safety training
  To Apply: If this is of interest to you, please submit your CV, Cover Letter and responses to the Skills and Experience outlined above and in the position description.
  More Information: visit https://www.jobs.unsw.edu.au/
  Contact
  Jen MacLachlan, email: j.maclachlan@unsw.edu.au
  Applications close: Monday 21st of April at 11.30pm

Benefits and Culture

• Flexible hybrid working
• An additional 3 days of leave over the Christmas Period
• Access to lifelong learning and career development
• Progressive HR practices
• Discounts and entitlements

UNSW is committed to equity diversity and inclusion. Applications from women, people of culturally and linguistically diverse backgrounds, those living with disabilities, members of the LGBTIQ+ community; and people of Aboriginal and Torres Strait Islander descent, are encouraged. UNSW provides workplace adjustments for people with disability, and access to flexible work options for eligible staff.
The University reserves the right not to proceed with any appointment.
Position Description
Advertised: 08 Apr 2025 AUS Eastern Standard Time
Applications close: 21 Apr 2025 AUS Eastern Standard Time

• Maintain cyber security policies and standards, periodically review, update, and align them with the overall policy framework and manage exemptions.
• Maintain and operationally deliver cyber security controls assurance services designed to assess whether key controls are operating effectively and consistently, including auditing of internal cyber security controls; risk assessment of 3rd party/supply chain risk exposure; and penetration testing of ICT systems and infrastructure.
• Maintain and administer a quantitative (value-at-risk) threat model relevant to the reporting of UNSW’s major cyber security threats and key controls.
• Maintain cyber risk register, socialise the risks to the relevant teams and administer the completion of risk treatment and policy compliance initiatives.
• Administer, and operationally deliver cyber security policy risk and metrics reporting using metrics dashboard to drive compliance.
• Coordinate and support the independent audit of cyber security controls on behalf of the University, including statutory audits completed by the Audit Office of NSW.
• Maintain and administer the cyber security awareness and training initiatives.
• Maintain awareness of legal, regulatory compliance and contractual obligations that are relevant to the University’s management of cyber security risk.
• Maintain an awareness of the University’s internal and external environment for emerging threats and advise the Head of Cyber Security Operations as appropriate.
• Escalation of significant security issues and risks as appropriate.
• Cooperate with all health and safety policies and procedures of the university and take all reasonable care to ensure that your actions or omissions do not impact on the health and safety of yourself or others.
• Align with and actively demonstrate the UNSW Values in Action: Our Behaviours and the UNSW Code of Conduct.
• Cooperate with all health and safety policies and procedures of the university and take all reasonable care to ensure that your actions or omissions do not impact on the psychosocial or physical health and safety of yourself or others.