Career opportunities

About the Opportunity:

Reporting into the Cyber Risk Lead, the Cyber Risk Specialist will provide comprehensive oversight of the identification, recording/tracking, and remediation of OT security risks across energy sites and the entire enterprise. Responsibilities include:

• Contribute to the formal security risk assessment process that will be applied bottom-up (i.e., for new projects) but also top-down (e.g., for critical areas of infrastructure)
• Ensure key business stakeholders are engaged and that security risks are both visible to, and understood by, the business risk owners
• Provide specialist advice on technology compliance for project delivery, Risk in Change and other internal policies
• Ensure that energy site risk registers are updated and maintained in compliance with EA’s Risk Management Framework and the Critical Infrastructure and Systems of National Significance (CISoNS) reforms
• Collaborate with cross-functional teams, including OT engineers and IT security, to ensure a holistic approach to OT cybersecurity.
• Assess project and business areas compliance to EA’s Information Security Standards and Non-Functional Requirements (NFRs)

About You:

You will have minimum 2 – 3 years working in a GRC cyber security role or can demonstrate knowledge of cyber risk management frameworks & processes. Additionally:

• A recognised university degree in Computer Science, Information Technology, or equivalent experience
• At least 2-3 experience in a cyber security GRC role focusing on risk management (using ISO31000 and/or NIST RMF) and control, preferably in OT environments
• A certification such as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or Certified Information Systems Security Professional (CISSP)
• Knowledge of cyber security best practice standards and frameworks including NIST CSF, NIST 800-82, NIST 800-53, ASD, ISO27000, IEC62443, AESCSF, etc
• Strong written and verbal communication skills, including the ability to gather and critically evaluate information and prepare written documents that clearly and concisely identify the issues presented and their proposed resolution
• Ability to communicate technical information to non-technical individuals easily and comprehensively
• Experience supporting risk and/or agile projects (desirable)

How to Apply:

If you’re ready to ‘light the way’ towards your next career move, click the 'Apply’ button to submit a confidential application. For any questions, please reach out to Jock Clydesdale, Talent Acquisition Partner @ jock.clydesdale@energyaustralia.com.au

Why Us:

At EnergyAustralia, we are committed to providing an inclusive culture so our employees can bring their whole selves to work and have a sense of belonging. As an employee you can enjoy such benefits as:

• Annual Performance Bonus
• 20 weeks’ paid parental leave that’s completely gender-equal
• Employee discount on your electricity and gas, discounts on major brands and products
• Energise Program - flexible working that is team centric enabling all individuals to agree and succeed together
• Excellent company culture, down-to-earth and friendly organisation - be authentic, bring your whole self to work!
• 2 paid recharge days 
• State-of-the-art Melbourne office, stunning views only 3-4 minute walk from Southern Cross station
• Inhouse Café and Onsite Tech Bar

We’re committed to providing an inclusive culture so our employees can bring their whole selves to work and have a sense of belonging. From our PRISM network that creates a positive culture for LGBTQ+ employees to our Reconciliation Action Plan that has commitments to strengthen relationships with Aboriginal and Torres Strait Islander people and organisations, it’s a workplace where everyone’s welcome.