Cyber Security Risk Analyst

**Overview**:
**Work Type**:Fixed-term - Full-time

**Salary**: Salary not specified

**Grade**:Grade in advertisement

**Occupation**:IT and telecommunications

**Location**:Melbourne - Eastern suburbs

**Reference**:VG/1872925

Location CFA HQ Burwood
Full Time Fixed Term to 30/06/2026
PTA 5 $107,864 - $121,276 pa (plus 12% superannuation)
- Do you want to work for a values-based, emergency service organisation that puts the community at the centre of everything we do?
- We are proud of the work we do in protecting lives and property, 24 hours a day, 7 days a week.
- With over 51,000 volunteers CFA strives to be an organisation of choice for volunteers and employees. We, embrace individuals with diverse skills, experiences, and backgrounds, recognising the unique value they bring to CFA.
- To learn more about the Country Fire Authority (CFA), we invite you to visit our About Us page.

**About the Role**
- Join CFA's Cyber Security team and help safeguard one of Victoria's most trusted emergency services organisations. We're seeking a Cyber Security Risk Analyst to lead a key project focused on strengthening CFA's cyber security governance, risk and compliance (GRC) capability.
- In this project focussed role, you will drive the uplift of CFA's cyber security policies, risk frameworks and compliance practices to ensure a secure, resilient digital environment. You'll lead the implementation of GRC frameworks, particularly through Microsoft Purview, ensuring alignment with the Victorian Protective Data Security Standards (VPDSS) and ACSC's Information Security Manual (ISM).
- Responsibilities include developing and maintaining policies for identity access management (IAM), data classification and access control; producing risk and compliance reports; assessing third-party risks via UpGuard; and supporting business impact assessments (BIA), business continuity planning (BCP) and disaster recovery planning (DRP).
- You will deliver training and awareness initiatives to build a strong security culture across CFA. To succeed, you will bring proven experience with GRC frameworks, strong knowledge of cyber security standards, practical IAM expertise and the ability to engage effectively with both technical and non-technical stakeholders.
- Be part of something bigger, work with purpose to protect the digital backbone of a critical emergency service.

**About You**
- Tertiary qualifications in Information Technology, Cybersecurity, Law, Business Administration, or a related field, and familiarity with frameworks such as MITRE ATT&CK, OWASP Top Ten, and NIST Cybersecurity Framework is preferred.
- Proven track record of supporting Business Impact Analyses, developing Business Continuity Plans, and Disaster Recovery Plans.
- Previous experience in a GRC-focused role within an IT or cybersecurity context, with demonstrated success in developing and implementing GRC frameworks and compliance strategies.
- Strong skills in writing clear, actionable, and comprehensive security policies, particularly those focusing on identity management.
- Highly developed skills in written communication, inter-personal interactions, and an ability to develop effective relationships and influence key stakeholders.

**Why choose CFA**
- Meaningful Purpose: Your contribution truly makes a difference
- Work-Life Balance: Paid parental leave, generous leave provisions
- Growth Opportunities: Learning and development
- Flexibility: Hybrid work options with flexible work arrangements
- Discounts: Emergency Memberlink discounts on various services
- Wellbeing Focus: Healthy for Life programs, flu vaccinations
- Member Assistance Program: Access support across 8 service pathways

**Your Application**

**Pre-employment Checks**
- Successfully complete Reference Checks, a National Police History Check, Working Rights Check and hold a valid Working with Children Check.

**CFA is committed to creating and maintaining a diverse, inclusive, and safe volunteer and work environment. Our aim is to have a volunteer and paid workforce that reflects the community it serves. First Nations people, women, people of all ages, with disabilities and culturally and linguistically diverse people are encouraged to apply.**

**Applications close: 11:59pm 22nd July 2025**

- Applications close Tuesday 22 July 2025 at 11.59pm

Posted
- 8 July 2025