Career opportunities

About the Role:

Cyber Security is one of EnergyAustralia’s top risks - part of our security strategy aims to significantly increase cyber security maturity across the organisation.

The Cyber Risk and Assurance Lead role will drive the execution of the organisation’s risk strategy whilst being accountable for delivering key assurance activities that evaluate the design and effectiveness of technology and cyber controls. Responsibilities include:

• Lead and coordinate risk and assurance activities across the cyber domain, ensuring alignment with EnergyAustralia’s risk management framework
• Facilitate AESCSF assessments conducted by an external provider, ensuring stakeholder readiness, coordination, and input to strategic remediation planning
• Develop and maintain high-quality risk reporting, controls assurance insights, and recommendations for senior stakeholders and governance forums
• Support and coordinate the delivery of external PCI DSS assessments with third-party vendors, ensuring scope, evidence, and stakeholder engagement is effectively managed
• Lead the identification, assessment, and management of technology and cyber risks across IT and OT environments

About You:

You will have a minimum 5–7 years of experience in IT or Cyber Risk Management, Technology Assurance, or Governance roles and are experienced in uplifting both policy/procedures and team capability. Additionally, some of the following: 

• Strong understanding of enterprise risk management principles and regulatory compliance requirements
• Demonstrated experience coordinating external assurance providers or audits (e.g., PCI DSS, AESCSF assessments)
• Skilled in policy interpretation and control assessment and proficiency with GRC or third-party risk management tools
• Relevant industry certifications such as CISA, CISM, or CISSP
• Strong risk analysis and problem-solving capabilities with high attention to detail (including documentation)
• Excellent written and verbal communication skills to engage with technical and non-technical stakeholders
• Familiarity with critical infrastructure obligations (e.g., SOCI Act) is advantageous

Why join the Cyber Risk Team:

• Purpose with impact
• The team is at the forefront of navigating complex challenges in a critical sector. The assurance you provide doesn’t just mitigate risks; it ensures the trust our customers place in us to deliver reliable, secure and sustainable energy without compromise
• Trusted Expertise 
• You’ll work alongside highly skilled professionals who value diverse perspectives and innovative ideas
• Opportunities for growth
• You’ll have access to cutting edge technology, opportunities to lead and contribute to high impact projects and training programs and industry certificates to enhance your expertise

How to Apply:

If you’re ready to ‘light the way’ towards your next career move, click the 'Apply’ button to submit a confidential application. For any questions, please reach out to Jock Clydesdale, Talent Acquisition Partner @ jock.clydesdale@energyaustralia.com.au

Why Us:

At EnergyAustralia, we are committed to providing an inclusive culture so our employees can bring their whole selves to work and have a sense of belonging. As an employee you can enjoy such benefits as:

• Employee discount on your electricity and gas, discounts on major brands and products
• Energise Program - flexible working that is team centric enabling all individuals to agree and succeed together
• Excellent company culture, down-to-earth and friendly organisation - be authentic, bring your whole self to work!
• 2 paid recharge days
• State-of-the-art Melbourne office, stunning views only 3-4 minute walk from Southern Cross station
• Onsite Tech Bar

We’re committed to providing an inclusive culture so our employees can bring their whole selves to work and have a sense of belonging. From our PRISM network that creates a positive culture for LGBTQ+ employees to our Reconciliation Action Plan that has commitments to strengthen relationships with Aboriginal and Torres Strait Islander people and organisations, it’s a workplace where everyone’s welcome.