Back to all jobs

Security Analyst

Work TypeAny Employment
Positions1 Position
Published At:3 days ago
  • ICT Security Specialist
  • Risk Analyst
  • AWS
  • Azure
  • SIEM
  • DevSecOps
  • API Management
  • Essential 8
  • Security Governance Analyst
  • ISM – Information Security Manual
  • Baseline Clearance
Job no: QPRXY

Security Clearance Required for this role:

  • Must have a Current Baseline security clearance.
  • Must be an Australian Citizen
  • This will be an Office based/Hybrid role in Canberra, Melbourne, Brisbane, Adelaide & Sydney locations.


The Security Analyst will provide expert support in assessing, implementing, and assuring security and information protection across a large-scale data and analytics program being delivered for an end customer in a government department.

This role is responsible for proactively identifying vulnerabilities, managing risks, and ensuring that cloud-native and hybrid solutions comply with security standards and policies.

Operating at SFIA Level 5, the Security Analyst will collaborate across delivery, architecture, operations, and development teams to ensure secure-by-design practices are embedded into all layers of the technology lifecycle.

Key Responsibilities:

  • Conduct security risk assessments and business impact analyses to identify potential vulnerabilities and threats.
  • Provide subject matter expertise in the design and review of secure systems, APIs, and cloud-native architectures.
  • Support the implementation of security controls aligned with internal policies, Australian Government standards, and best practices.
  • Perform code reviews, infrastructure reviews, and threat modelling exercises to identify and mitigate risks.
  • Contribute to the development and assurance of security documentation, artefacts, and compliance evidence.
  • Support continuous improvement of DevSecOps practices, integrating automated security testing into delivery pipelines.
  • Assist with security incident response, including root cause analysis and resolution coordination.
  • Provide guidance to cross-functional teams on secure design, coding standards, and cloud security controls.
  • Monitor changes in threat landscape and regulatory requirements, recommending appropriate controls and mitigations.

Required Skills & Experience:

  • Demonstrated experience in information security roles within enterprise or government environments.
  • Strong understanding of risk management frameworks, including ISM, PSPF, ASD Essential 8, and IRAP.
  • Practical experience with cloud security in AWS and/or Azure environments, including IAM, encryption, and network security.
  • Knowledge of API security, static and dynamic application security testing (SAST/DAST), and infrastructure hardening.
  • Proficiency in identifying and remediating software vulnerabilities and misconfigurations.
  • Hands-on experience with security tools for vulnerability management, SIEM, and automated scanning.
  • Excellent communication skills and the ability to collaborate across technical and business domains.
  • Experience documenting security outcomes and participating in audits or assurance reviews.
  • Published on 17 Apr 2025, 2:06 AM