Company Description
Company Description
At NCS Australia, we believe in doing technology services better. Our commitment to quality, focus on people, and willingness to challenge traditional thinking set us apart. Our team brings this belief to life by partnering with our clients and communities to make tomorrow together.
We are committed to creating an environment that prioritises innovation, collaboration, and purposeful work. Our diverse team is empowered to make a meaningful impact with curiosity, creativity and resilience to shape better outcomes. Join us and accept the challenge of creating a better tomorrow.
Job Description
We are looking for a skilled Security Analyst to play a crucial role in safeguarding our clients organization’s digital assets by possessing a comprehensive understanding of risk assessment and mitigation strategies. This involves the ability to meticulously analyze potential threats and vulnerabilities within systems and infrastructure, evaluating their likelihood and potential impact. Based on this thorough analysis, the analyst is responsible for developing and implementing robust mitigation strategies, effectively reducing the organization’s exposure to security risks. Furthermore, a key aspect of this role is the proactive identification of security weaknesses, often through techniques such as vulnerability scanning and penetration testing. The analyst must then be capable of translating these findings into actionable solutions, often collaborating with software development teams to integrate security considerations directly into the software design process. This ensures that security is not an afterthought but rather an integral part of the system’s architecture.
For Security Analyst to excel in this demanding environment, certain specialized knowledge and experience are highly valued. A strong understanding of security best practices specifically tailored for API development is increasingly important in today’s interconnected digital landscape. This includes knowledge of secure authentication and authorization mechanisms, data validation techniques, and strategies to prevent common API vulnerabilities. Moreover, familiarity with the security frameworks and processes commonly employed within the Federal Government sector is a significant advantage. This often involves adherence to specific compliance standards, risk management methodologies, and security documentation requirements. Finally, practical, hands-on experience with Amazon Web Services (AWS) security tools is highly desirable. This includes proficiency in utilizing services designed for identity and access management, network security, data protection, and threat detection within the AWS cloud environment. Additionally, the ability to conduct thorough code reviews, identifying potential security flaws and ensuring adherence to secure coding standards, is a critical skill for a well-rounded Security Analyst.

Qualifications

• Apply deep expertise in Cyber Operations or GRC to support organisational security objectives.
• The candidate must have strong background in Cyber Operations or Governance, Risk, Compliance and Assurance experience.
• Lead and participate in stakeholder workshops to gather, clarify, and document security requirements (functional and non-functional).
• Communicate effectively with business users and technical staff, including those with varying levels of technical understanding.
• Design and review cloud security architectures across IaaS, PaaS, and SaaS platforms.
• Provide analysis and guidance across the Security Lifecycle, including risk assessments, threat modeling, and control implementation.
• The Candidate should have proven experience providing analysis services and must have extensive experience with documenting business requirements (including functional and non-functional), etc.
• Assist in the selection and implementation of cybersecurity tools and platforms.
• Ensure security policies and controls are clearly communicated, documented, and embedded into systems and processes.
• Be present in the Melbourne CBD office at least three days per week.
• Experience in documenting security requirements, control frameworks, and assurance measures.
• Ability to lead workshops, translate complex security topics, and support secure solution delivery.

DESIRABLE SKILLS & QUALIFICATIONS

• Experience working in the Health Sector.
• Familiarity with cybersecurity tools such as SIEM, vulnerability management platforms, IAM solutions, etc.
• Relevant security certifications are highly desirable, including:
• CISM – Certified Information Security Manager
• CISSP – Certified Information Systems Security Professional
• CEH – Certified Ethical Hacker
• CCSP – Certified Cloud Security Professional
• AZ-500 – Microsoft Azure Security Technologies
  Additional Information

Please refer the Job description for details