Associate Cyber Risk Specialist

**About the Role - 18 month contract**:
Cyber Security is one of EnergyAustralia’s top risks - part of our security strategy aims to significantly increase cyber security maturity across the organisation.

The purpose of the Cyber Supply Chain Risk Specialist is to engage with EA’s procurement, vendor management and legal teams and vendors to assess, document and improve cyber supply chain risk management. Responsibilities include:

- Conducting cyber risk assessments whilst onboarding new suppliers/vendors
- Ensuring baseline security requirements are embedded in contracts & service agreements
- Ensuring appropriate security controls are in place to protect EA’s and its customer’s data & our critical infrastructure
- Identifying & communicating cyber risks to relevant internal stakeholders
- Performing annual cyber risk assessments on existing suppliers/vendors

**About You**:
You will have minimum 3 years working in a cyber security role (Analyst, Specialist etc) or can demonstrate knowledge of cyber risk management frameworks & processes. Additionally:

- A recognised university degree in Computer Science, Information Technology, or equivalent experience.
- Knowledge of the Australian Energy Sector Cyber Security Framework (AESCSF) and the Security of Critical Infrastructure (SOCI) Act.
- A certification such as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or Certified Information Systems Security Professional (CISSP).
- Familiar with ASD Essential 8, NIST, AESCSF, PCI DSS and similar security frameworks.
- Strong written and verbal communication skills, including the ability to gather and critically evaluate information and prepare written documents that clearly and concisely identify the issues presented and their proposed resolution.
- Strong reasoning competency to investigate, analyse and draw appropriate conclusions - we are looking for an inquisitive and analytical mind.

**Why join the Cyber Risk Team**:

- **Purpose with impact**
- The team is at the forefront of navigating complex challenges in a critical sector. The assurance you provide doesn’t just mitigate risks; it ensures the trust our customers place in us to deliver reliable, secure and sustainable energy without compromise
- **Trusted Expertise**
- You’ll work alongside highly skilled professionals who value diverse perspectives and innovative ideas
- **Opportunities for growth**
- You’ll have access to cutting edge technology, opportunities to lead and contribute to high impact projects and training programs and industry certificates to enhance your expertise

**How to Apply**:
**Why Us**:
At EnergyAustralia, we are committed to providing an inclusive culture so our employees can bring their whole selves to work and have a sense of belonging. As an employee you can enjoy such benefits as:

- Employee discount on your electricity and gas, discounts on major brands and products
- Energise Program - flexible working that is team centric enabling all individuals to agree and succeed together
- Excellent company culture, down-to-earth and friendly organisation - be authentic, bring your whole self to work
- 2 paid recharge days
- State-of-the-art Melbourne office, stunning views only 3-4 minute walk from Southern Cross station
- Onsite Tech Bar

We’re committed to providing an inclusive culture so our employees can bring their whole selves to work and have a sense of belonging. From our PRISM network that creates a positive culture for LGBTQ+ employees to our Reconciliation Action Plan that has commitments to strengthen relationships with Aboriginal and Torres Strait Islander people and organisations, it’s a workplace where everyone’s welcome.