Cyber Security Analyst

We are currently accepting applications for aCyber Security Analyst to join our team based in Canberra.

The Cyber security Analyst (GRC) supports cyber security assessment and authorisation activities aligned with the Australian Government Information Security Manual (ISM).

The role contributes to assurance verification through control assessment evidence gathering risk analysis and structured report development. The position operates under the direction of a task lead and does not carry leadership or decision-making authority. Accuracy consistency and written clarity are core to the function of this role.

The Cyber Security Analyst will be accountable for:

• Mapping organisational security controls to ISM requirements
• Identifying analysing and documenting control gaps and weaknesses
• Collecting validating and maintaining evidence supporting control effectiveness
• Supporting cybersecurity risk assessments including threat surface analysis
• Performing risk analysis activities for systems under assessment
• Assisting with gap analysis and remediation tracking
• Drafting clear structured and assessment-ready reports
• Maintaining compliance artefacts
• Ensuring traceability between controls evidence findings and risks
• Engaging professionally with both technical and non-technical stakeholders
• Executing assigned tasks under the supervision of the task lead

As a suitably experienced and well- rounded cyber security professional the Cyber Security Analyst will have:

• Degree in Cyber security Information systems or Information technology with a security focus or demonstrable equivalent workplace experience in cyber security assurance audit or compliance
• One entry-level or foundational cyber security or GRC certification such as ISACA cyber security fundamentals COMPTIA Security ISO/IEC 27001 foundation or ISC2 CC are also acceptable
• An understanding of core cyber security principles (CIA triad defence-in-depth) basic risk management concepts and control-based security frameworks
• Exposure to cyber security assessments IT audits Governance risk and compliance (GRC) activities
• Familiarity with control testing and evidence-based assessment methods
• Effective communication and stakeholder engagement skills.

Due to the nature of the role applicants must be eligible for Australian Defence security clearance. Current security clearance is advantageous.

Whilst applications must be made online confidential enquiries are welcome and may be directed to Roz Byrne People Partner via email;

Applications will close on 27th March 2026

Looking for an Employer with Benefits

At QinetiQ our competitive remuneration and benefits package supports your evolving needs throughout your career. Youll share in the companys success and be rewarded for your own. Well invest in your professional development and provide an inclusive environment for you to succeed.

Some of our benefits include:

• Access to LinkedIn Learning
• Flexible work
• Purchased leave program & loyalty leave

• Annual incentive scheme
• Complimentary salary continuance insurance
• Annual volunteering leave with Operation Give Back
• Relaxed dress code
• Up to 18 weeks paid parental leave

#LI-RB

#LI-Onsite

As the defence industry in Australia grows it is an exciting time to join QinetiQ. What the company looks like today will be different to that of tomorrow as we navigate an ever changing world. To innovate for our customers advantage we value the need for diversity of thought in everything we do. We provide a flexible and inclusive environment where our people can bring their whole selves to work meaningfully contribute and have equal opportunity to succeed. We actively seek applications from people who come from diverse backgrounds and experiences. Aligned with our Diversity and Inclusion Strategy and Reconciliation Action Plan we also encourage applications from women veterans and First Nations people.

QinetiQ conducts pre-employment screening including but not limited to identity verification and police checks for all preferred candidates.

To be added