EnergyAustralia Job Board

Coronavirus (COVID-19) Update: Reliable power is at all times critical to the health and wellbeing of people. In uncertain times, it becomes even more vital. People are depending on us to keep the lights on and serve our customers.

EnergyAustralia will continue to recruit but in a different way. Video or phone interviews will replace the normal face-to-face interactions. We’ll also work closely with our new starters to ensure that they’re safely onboarded as part of the EnergyAustralia team. In most cases, unless their role has to be performed at one of our sites, our new starters will work from home until further notice.

If there are no jobs of interest to you right now, click here to sign up for job alerts to receive emails when jobs matching your keywords and selected options for Work type, Locations and/or Categories are posted in future.

Existing Applicant Login

Job Search

Work type



Senior Cyber security Analyst

Apply now Job no: 505302
Work type: Full Time Permanent
Location: Victoria
Categories: Technology, Digital, Engineering

  • Drive program of offensive penetration testing/red teaming activities
  • Stakeholder engagement and applying the art of communicating to non-technical audiences
  • Join EnergyAustralia as we navigate through an exciting energy sustainability transformation 
  • Immediate start with key career growth both technical and leadership arenas

About us

The energy industry is undergoing a radical transformation. As one of Australia’s largest generators of electricity, we are stepping up to ‘light the way’ towards a cleaner energy future. EnergyAustralia form part of the CLP Group. Cyber Security is ranked as one of the groups highest priorities. This role reports through to EnergyAustralia’s Chief Information Security Officer and is based in our Melbourne EnergyAustralia office. This is a small and dynamic team with a critical mandate.

About the role

Reporting to the Technical Assurance Manager the key purpose and overall responsibility is to assist in the design and implementation of a program of offensive penetration testing/red teaming campaigns to identify weaknesses in EnergyAustralia's detective and protective controls. This role will work closely with the cyber team executing red team operations and penetration testing of the company in both Technology (IT) and Operational Technology (OT) domains.

Key accountabilities will include but not be limited to:

  • Required to assist in the development and execution of red teaming campaigns and assessments that target CLP’s security seeking to extract information, infiltrate systems and breach perimeters whilst avoiding detection
  • Analysing the Tools, Techniques and Procedures (TTPs) of threat actors and using this information to design campaigns to specifically test CLP’s IT and OT environments and the supporting technologies and processes.
  • Collaborate with key stakeholders (site-based IT staff and service providers) to provide advice and guidance on changes to configuration and processes to reduce vulnerability risks and with business personnel to reduce the risk of open-source intelligence (OSINT) leakage
  • Partner and align with Group Cyber Operations, IT operations, OT Operations, business operations and external parties
  • Engage our business to give advice on the development and maintenance of information security policy, standards, procedures, and governance frameworks

What we’re looking for:

  • Extensive experience with manual and automated pen testing tools including RAPID7, NMAP, Metasploit and Burpsuite.
  • Some IT experience with Microsoft enterprise technologies including but not limited to Windows, Active Directory, TMG, IIS etc.; Open source technologies such as Linux; virtualization technologies such as VMware and Hyper-V; and hands-on experience in TCP/IP networking, firewalls, VPN, intrusion prevention systems, network security monitoring, network vulnerability scanning.
  • Familiar with best-in-class IT & ICS security technologies by leading suppliers such as Cisco, Checkpoint, Palo Atos, Symantec, FireEye, and Juniper. Certifications such as OSCP/CREST is viewed positively.
  • Strong written and verbal communication skills, including the ability to gather and critically evaluate information and prepare written documents that clearly and concisely identify the issues presented and their proposed resolution.
  • Ability to explain technical issues to non-technical stakeholders and build positive workplace relationships.


How to Apply

If you share our passion for making customers a priority, doing the right thing, leading change and want to be part of an organisation focused on making a positive impact, click the 'Apply’ button to submit your application.

We’re committed to providing an inclusive culture so our employees can bring their whole selves to work and have a sense of belonging. From our PRISM network that creates a positive culture for LGBTI employees to our Reconciliation Action Plan that has commitments to strengthen relationships with Aboriginal and Torres Strait Islander people and organisations, it’s a workplace where everyone’s welcome.


Download the role position description

Advertised: AUS Eastern Daylight Time
Applications close: AUS Eastern Daylight Time

Back to search results Apply now

Share this:

| More