Senior Cybersecurity Officer at Energy One Limited

Sydney, New South Wales, Australia -

Full Time

Start Date

Immediate

Expiry Date

23 Aug, 26

Salary

0.0

Posted On

25 May, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Application Security, Infrastructure Security, Penetration Testing, Risk Management, ISO 27001, Secure SDLC, Threat Modelling, SAST/DAST/SCA, Vulnerability Management, Identity And Access Management, Incident Coordination, Stakeholder Management, GRC, Endpoint Security, Network Security, Logging And Monitoring

Industry

Software Development

Description

About Energy One Energy One is a publicly listed leader in energy trading software, with over 15 years of experience delivering mission-critical services to wholesale energy, environmental, and carbon trading markets. We are the largest provider of 24/7 operational energy services in Australia and the second largest in Europe. Our technology supports a wide range of clients - from agile start-ups to major global energy enterprises, helping them navigate a fast-evolving industry shaped by climate goals, renewable energy integration, and market volatility. The Role The Senior Cybersecurity Officer will strengthen Energy One’s security posture and safeguard our digital assets. You will bring a strong background in application and infrastructure security, penetration testing, and hands-on expertise with modern security tools. You will play a key role in identifying vulnerabilities, managing risks, and ensuring compliance with industry standards. Reporting to the Group CISO, the Senior Cybersecurity Officer will deliver across the business, with a strong focus on Australian operations and application security. You will own the day-to-day security oversight, risk management, and security process execution, ensuring controls are implemented effectively and security issues (incidents, vulnerabilities, audit findings) are identified, prioritised, and driven to closure in partnership with IT, Engineering, Product, and vendors. * 5+ years in information/cyber security operations, GRC, and/or security service delivery; * Strong stakeholder management and written reporting skills; * Hands-on, pragmatic risk/issue management and incident/vulnerability coordination; * Familiarity with ISO 27001/ISMS evidence and audit practices; * Working knowledge of common security controls (identity and access management, vulnerability management, endpoint/network security, logging/monitoring); * Application security experience including secure SDLC, threat modelling, and coordinating remediation of SAST/DAST/SCA and penetration test findings. * Ability to partner effectively with software engineers and product teams, translate security requirements into actionable work, and collaborate with global teams. * Understand and support developers in an application security context; * Coordinate the response to security events and vulnerabilities (including MDR escalations) and track remediation to closure; * Maintain and improve security controls and baselines; * Support the ISMS by maintaining policies/standards, collecting evidence, and preparing for internal/external audits; * Perform risk assessments and maintain security risk/issue registers; * Produce clear status reporting and run operational governance cadence with regional stakeholders; * Support access reviews, exception handling, and change control; * Partner with the engineering and product teams to uplift application security by embedding secure SDLC practices (security requirements, threat modelling, design reviews), support penetration testing activities, oversight over security tooling (e.g., SAST/DAST/SCA/secret scanning as applicable), and triage/remediate application findings with agreed SLAs. * Flexible hybrid work environment * Modern office environment * Work with diverse and inclusive teams * Energy promotes career growth and professional development * Be part of a growing global business with exciting prospects Ready to Join Us? Join us to lead cutting-edge security initiatives by assessing vulnerabilities, implementing best practices, and collaborating across teams to safeguard applications, infrastructure, and networks. Apply now, with your resume and tailored cover letter and help us power the future of energy. Energy One is committed to diversity, inclusion, and equal opportunity. We welcome applications from people of all backgrounds. Refer a friend Current employees can refer a friend and receive $3,500 on completion of 6 months employment.

How To Apply:

Incase you would like to apply to this job directly from the source, please click here

Responsibilities

The Senior Cybersecurity Officer is responsible for strengthening the company's security posture by managing vulnerabilities, risks, and compliance across Australian operations. This includes overseeing the secure SDLC, coordinating incident responses, and partnering with engineering teams to remediate security findings.