Cyber Security Governance & Compliance Analyst

• Employment Type: full time continuing role
• Starting Salary $plus generous superannuation and leave loading
• Location: Kensington campus in NSW (Hybrid Flexible Working) 2-3 days in the office

About UNSW:
UNSW isnt like other places youve worked. Yes were a large organization with a diverse and talented community a community doing extraordinary things. Together we are driven to be thoughtful practical and purposeful in all we do. Taking this combined approach is what makes our work matter. If you want a career where you can thrive be challenged and do meaningful work youre in the right place.

The Cyber Security Governance & Compliance Analyst supports the development maintenance and operational delivery of the organisations cyber security governance framework and compliance obligations. The role focuses on keeping Cyber Security Standards current and actionable managing policy exemption requests responding to governance-related service tickets administering and uplifting the teams cyber security governance platform supporting the organisation with compliance and regulatory activities and coordinating Cyber Security Governance Communities of Practice. The position contributes to a consistent risk-based and auditable control environment and provides clear metrics and reporting to stakeholders across the institution. The position reports to the Manager Cyber Governance & Compliance and has no direct reports.

Specific accountabilities for this role include:

• Coordinate cyber policy lifecycle activities including stakeholder engagement working group facilitation drafting and following up on approval requests and managing the endorsement process.
• Maintain and update the Cyber Security Policy Framework (CSPF) ensuring alignment with organisational policy and regulatory standards (e.g. ISO/IEC 27001 NIST CSF ACSC Essential Eight DISP SOCI).
• Manage the full lifecycle of policy exemptions including stakeholder engagement risk assessment documentation and reporting.
• Respond to governance-related service tickets maintain SLAs and contribute to knowledge base content.
• Administer and support the MyCyberHub platform including user management configuration integrations and dashboard/report creation.
• Support the ISO27001 Information Security Management System (ISMS) including document control audit coordination and committee operations.
• Coordinate Cyber Security Governance Communities of Practice including agendas logistics and communications.
• Help collect regular governance and compliance metrics for executive reporting.
• Demonstrate continuous improvement through innovation AI and automation to enhance user experience and efficiency.
• Any other duties commensurate with the role and as directed by the Manager Cyber Governance & Compliance or the Cyber Security Leadership team.
• Align with and actively demonstrate the Code of Conduct and Values
• Cooperate with all health and safety policies and procedures of the university and take all reasonable care to ensure that your actions or omissions do not impact on the psychosocial or physical health and safety of yourself or others.

Who you are:

• A relevant tertiary qualification with subsequent relevant experience or an equivalent level of knowledge gained through any other combination of education training and/or experience.
• A minimum of 24 years experience in cyber security governance compliance risk management or assurance within a large organisation.
• Working knowledge of (minimum 1 year) security standards and frameworks (ISO/IEC 27001 NIST CSF; familiarity with ACSC Essential Eight desirable).
• Hands-on experience with GRC (governance risk management and compliance) or ticketing tools (e.g. ServiceNow Protecht Jira/Confluence) including workflow and reporting.
• Strong policy/standards writing and editing skills; ability to translate complex requirements into clear control statements and guidance.
• Experience managing exception/exemption processes and preparing risk-based recommendations for decision-makers.
• Evidence-based reporting and data literacy (metrics design dashboards trends and narrative).
• Understanding of core IT and cyber security domains such as identity/access management vulnerability management cloud security AI security fundamentals and change/release governance sufficient to engage control owners.
• Relevant industry certifications (e.g. ISO/IEC 27001 Lead Implementer/Lead Auditor CISM CRISC Security Azure AI Fundamentals AWS Ai Practitioner).
• Experience working in higher education or other complex federated environments.
• Ability to present with credibility and translate technical and complex information concisely for diverse audiences using strong analytical and problem-solving skills.

Benefits and Culture

• Flexible Working Options (work from home flexible hours etc)
• Career development opportunities
• 17% Superannuation contributions and additional leave loading payments
• Additional 3 days of leave over Christmas period
• Discounts and entitlements (retail education fitness)

For further details on the benefits please visit to Apply: please apply through the portal we would like you to submit a full application including resume and addressing the who you are section.

Applications close: Monday 27^th of April 2026 at 11.30pm

Pre-Employment Checks
Aligned with UNSWs focus on cultivating a workplace defined by safety ethical conduct and strong integrity preferred candidates will be required to participate in a combination of pre-employment checks relevant to the role they have applied for.

These pre-employment checks may include a combination of some of the following checks:-

• National and International Criminal history checks
• Entitlement to work and ID checks
• Working With Children Checks
• Completion of a Gender-Based Violence Prevention Declaration
• Verification of relevant qualifications
• Verification of relevant professional membership
• Employment history and reference checks
• Financial responsibility assessments/checks.
• Medical Checks and Assessments

Compliance with the necessary combination of these checks is a condition of employment at UNSW.

Get in Touch:

Jen MacLachlan

Talent Acquisition Partner UNSW IT

Please apply through the application portal and not via the contact above.

UNSW is committed to equity diversity and inclusion. Applications from women people of culturally and linguistically diverse backgrounds those living with disabilities members of the LGBTIQ community; and people of Aboriginal and Torres Strait Islander descent are encouraged. UNSW provides workplace adjustments for people with disability and access to flexible work options for eligible staff. The University reserves the right not to proceed with any appointment.