Cyber Security GRC Analyst

• We're a 'Family Friendly' certified workplace – we understand the diverse roles our team members need to play within their own unique family setting and actively support them.  

Our team feel Leidos is a great place to work. Learn more about our culture and benefits by visiting us here   

Do Work That Matters 

Leidos Australia delivers IT and airborne solutions that protect and advance the Australian way of life.  Our 2000 local experts, backed by our global experience and network of partners, are working to solve the world's toughest challenges in government, intelligence, defence, aviation, border protection and health markets.  

Your New Role and Responsibilities  

As a Cyber Security GRC Analyst, you will be responsible for contributing cyber security subject matter expertise and advice to stakeholders and the broader team through analyses and intersection of the governance, risk, and compliance aspects of systems. This is an interesting role with broad responsibilities and scope that will allow you to test and hone your skills, whilst contributing to National Security, your responsibilities will include the following; 

• Evaluate the effectiveness of security controls against the Australian Government ISM, Essential Eight, Cyberworthiness, NIST, other approved cyber security frameworks, and standard designs. 

• Conduct security, gap, and compliance audits, including reporting and documentation management. 

• Maintain, verify, and update accreditation documentation sets for each environment on an ongoing basis. 

• Develop and submit high-quality artefacts in a timely manner, including risk assessments, security documentation, and compliance reports. 

• Apply cyber security governance, risk, and compliance principles in practice, including preparation of risk registers, security plans, and audit results. 

What You'll Bring to Make An Impact  

• Demonstrated customer focus and motivation to deliver outcomes aligned with customer mission needs, supported by relevant education and/or practical experience. 

• Over two years' experience in Cybersecurity GRC, audit, risk, or compliance roles, with proven ability to produce high-quality security assessment documentation. 

• Familiarity with risk management frameworks including ISO 31000, FAIR, OCTAVE, and NIST RMF, and holding certifications such as CRISC, CISM, CISA, CISSP, ISO 27001 or similar. 

• Excellent communication and stakeholder management skills, with strong attention to detail and sound organisational abilities. 

• Experience working with Defence is desirable. 

Don't worry if you don't tick all the boxes – if you meet most of them, we encourage you to submit your application.  We're most interested in your strengths, what you want to learn and how far you want to go.  

Successful candidates will be required to be Australian Citizens and hold and maintain a minimum NV-2 Australian Government Security Clearance. 

Diverse Team Members, Shared Values and a Common Purpose 

Providing our customers with smarter solutions takes an incredible team with diversity of thought, experience and perspectives driving innovation. Inclusion is at the heart of our culture and is one of our core values. It's about creating a workplace where everyone can do important work, feels welcome, valued, and respected, and has equal access to opportunities to thrive. Paul Chase – Chief Executive, Leidos Australia. 

Leidos Australia is an equal opportunities organisation and is committed to creating a truly inclusive workplace. We welcome and encourage applications from Aboriginal and Torres Strait Islanders, culturally and linguistically diverse people, people with disabilities, veterans, neurodiverse people, and people of all genders, sexualities, and age groups.  

Our five Advocacy Groups (Women and Allies Network, Young Professionals, Defence & Emergency Services, Action for Accessibility and Abilities and Pride+) provide an opportunity for team members to connect and collaborate on shared interests, and work to support and celebrate our diverse community. 

Next Steps 

• To apply for this role, follow the links or apply via our Careers page.  

• Recruitment process - interviews and background checks.

• Applicants may also need to meet International Traffic in Arms Regulations (ITAR) requirements. In certain circumstances this can place limitations on persons who hold dual nationality, permanent residency or are former nationals of certain countries as per ITAR

• We are committed to making our recruitment process accessible to all candidates. Please contact our Careers team if you'd like to discuss any additional support during your application or throughout the recruitment process.   

At Leidos, we don't want someone who "fits the mold"—we want someone who melts it down and builds something better. This is a role for the restless, the over-caffeinated, the ones who ask, "what's next?" before the dust settles on "what's now."

If you're already scheming step 20 while everyone else is still debating step 2… good. You'll fit right in.

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.