IT Risk, Security

2 weeks ago


Melbourne, Victoria, Australia Toll Group Full time $90,000 - $120,000 per year

About Toll Group

At Toll, we do more than just logistics - we move the businesses that move the world. Our 16,000 team members can help solve any logistics, transport, or supply chain challenge – big or small. We have been supporting our customers for more than 130 years. Today, we support more than 20,000 customers worldwide with 500 sites in 27 markets, and a forwarding network spanning 150 countries. We are proudly part of Japan Post —

Join Our Cybersecurity Team as an IT Risk, Security & Governance Analyst

Ready to make a real impact in cybersecurity by shaping secure systems and ensuring government compliance?

We are looking for a skilled and detail-oriented IT Risk, Security & Governance Analyst to play a key role in maintaining alignment with the Australian Government Information Security Manual (ISM). In this role, you'll focus on analysing security controls, managing application whitelisting, and producing high-quality documentation and reports.

You'll collaborate with technical teams, risk managers, and compliance stakeholders to assess platform security and support secure application deployment. If you're ready to make a meaningful impact in a dynamic cybersecurity environment, we'd love to hear from you.

This position is a fixed term contract to March 2027 which can be based in Melbourne, Brisbane or Sydney.

As the IT Risk, Security & Governance Analyst you will:

  • Interpret and apply Australian Government security standards, including ISM controls, to ensure compliance across systems and platforms. 
  • Assess application platforms for compliance with whitelisting and security requirements and support secure deployment and configuration. 
  • Develop and maintain security documentation and reports, including standardised formats and evidence for audits and assessments.
  • Monitor and report on remediation activities for non-compliant systems, contributing to ongoing security improvements. 
  • Prepare and update key security documents, such as SAD, BCP, DRP, Incident Response Plan, SSP, SSP Annex, ISM SoA,and SRMP. 
  • Collaborate with internal teams to align security practices with operational needs and ensure consistent implementation.

What We're Looking For

Qualifications & Technical Skills

  • Certifications and Education: Holds relevant certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer, along with tertiary qualifications in Cybersecurity, IT, or a related field.
  • Government and Framework Knowledge: Strong understanding of the Australian Government ISM, PSPF, ASD Essential Eight, and experience with IRAP assessments or working with IRAP assessors.
  • Technical Security Expertise: Skilled in application whitelisting technologies (e.g., Microsoft AppLocker, WDAC), endpoint protection, system hardening, and secure configuration baselines.
  • Security Reporting and Compliance: Proficient in preparing risk assessments, control mapping, and compliance documentation.
  • Security Tools and Processes: Knowledgeable in SIEM tools, vulnerability management, and incident response procedures.
  • Operating Systems and Standards Application: Solid understanding of Windows and Linux security controls, with the ability to apply security standards to real-world technical environments.

Experience

  • 5+ years of experience in cybersecurity or information security roles.
  • Strong background in security compliance, risk analysis, and audit support.
  • Experience in regulated environments, especially within government agencies, is highly desirable.
  • Proven ability to prepare security documentation and compliance reports effectively.
  • Skilled in cross-functional collaboration, working with IT operations, risk, and governance teams.
  • Demonstrated expertise in aligning security practices with organisational and regulatory requirements.

What moves you?
 

At Toll, you can help play a vital role in delivering what matters. From food, fuel, medicine and rescue services, we keep businesses and communities thriving. Every day brings change. We see that as an opportunity. To be curious. To ask the right questions. And build meaningful connections. Because finding new ways to solve problems is what we do. With a bold vision to expand our global reach, our 16,000+ people bring a passion for progress. We collaborate in friendly, caring teams, supported by approachable leaders who give us the autonomy to quickly make decisions with impact. Learn and grow with industry-leading training, alongside talented experts. Feel empowered to take on diverse challenges and new responsibilities to move you, our customers, and our world further.

Are you excited about this role but are concerned you don't meet all the requirements? If you have similar skills and are willing to learn then we encourage you to apply anyway. We know that some people hesitate to apply for jobs unless they meet every single qualification. At Toll, we value a diverse, inclusive and authentic workplace, so if you're interested in this role but your past experience doesn't align perfectly then please talk to us – you may be just the right candidate for this or other roles we have coming up.

At Toll everyone is welcome including those of all ages, ethnicities, genders and abilities. 

To find out more about us visit

You must be entitled to work in Australia and be prepared to undertake pre-employment checks including a criminal history check and medical.
  • Security Officer

    2 weeks ago


    Melbourne, Victoria, Australia Gss Security Full time

    The successful applicant will be responsible for but not limited to:- Guarding, patrolling, monitoring, and controlling assigned premises- Respond to emergencies, alarm events, calls for assistance and provide the necessary support when required.- Assess and respond to situations of risk or hazard.- Access control and monitoring CCTV, Alarm systems- Incident...


  • Melbourne, Victoria, Australia beBeeRisk Full time US$100,000 - US$120,000

    Proactive Risk Mitigation Specialist RoleWe are seeking an expert to lead our security risk management team in identifying, tracking and reducing security risks across all company activities. This individual will leverage industry best practices and emerging threat information to promote risk identification, quantification, impact analysis, and modelling for...

  • Security Risk Manager

    2 weeks ago


    Melbourne, Victoria, Australia beBeeSecurity Full time $130,673 - $174,869

    Job OverviewThe Security Risk Manager will play a pivotal role in shaping the security risk landscape within our organization.Key ResponsibilitiesDevelop and enforce comprehensive security risk frameworks and protocols.Collaborate with cross-functional teams to identify, assess, and mitigate potential security risks.Design and implement robust assurance...

  • Security Officer

    3 days ago


    Melbourne, Victoria, Australia MSS Security Full time $60,000 - $80,000 per year

    About the CompanyAs one of Australia's leading security companies, MSS Security is built on teamwork, respect, and integrity. We provide long-term career paths, stability, and a workplace where your professionalism and dedication are genuinely valued. To find out more visit our website at About the role:MSS Security is looking for professional and dedicated...

  • Security Risk Manager

    2 weeks ago


    Melbourne, Victoria, Australia beBeeCybersecurity Full time $180,000 - $240,000

    Job Description">We are seeking a seasoned Cyber Security professional to lead our security initiatives and drive business value through strategic risk management.The successful candidate will be responsible for assessing the current security infrastructure, identifying vulnerabilities, and developing comprehensive security requirements that align with...


  • Melbourne, Victoria, Australia Australian Pharmaceutical Industries Full time

    Australian Pharmaceutical Industries Limited (API) is one of Australia's leading pharmaceutical distributors and fastest growing health and beauty retailers. API is the foundational asset of the Wesfarmers Health Division, and is the parent company of Priceline Pharmacy, Soul Pattinson Chemist, Pharmacist Advice and Clear Skincare Clinics. Our services...


  • Melbourne, Victoria, Australia beBeeCybersecurity Full time $100,000 - $140,000

    Enterprise Cybersecurity SpecialistWe seek a seasoned cybersecurity expert to join our team and drive meaningful security improvements across various industries.This role entails delivering comprehensive security assessments that help organisations effectively mitigate cyber risks. The ideal candidate will work closely with stakeholders, leveraging technical...


  • Melbourne, Victoria, Australia beBeeSecurity Full time $122,736 - $132,847

    Job Title: Security and Risk ManagerWe are seeking a highly skilled and experienced Security and Risk Manager to join our team. As a key member of our organization, you will play a pivotal role in developing and implementing security strategies that protect our diverse community.Key Responsibilities:Strategic Planning: Develop comprehensive crime prevention...


  • Melbourne, Victoria, Australia beBeeSecurity Full time $91,418 - $103,725

    Job Title: Security Risk ConsultantKey aspects of the role include developing safety and security strategies, engaging with stakeholders, and providing expert advice on personal safety and situational awareness.The ideal candidate will have expertise in security risk assessment and management, strong communication skills, and the ability to work...


  • Melbourne, Victoria, Australia beBeeCyber Full time $115,000 - $155,000

    Job Title: Cyber Risk Management SpecialistThe organization seeks a Cyber Risk Management Specialist to provide expert knowledge in implementing exposure management efforts, ensuring proactive identification, assessment, and mitigation of security risks.This role requires expertise in attack surface management, continuous security control validation, and...