Cyber Sec Gov & Risk Analyst

Job no: 537467
Work type: Full Time
Location: Sydney, NSW
Categories: Information Technology, Cyber

  • Full time continuing role within UNSW IT, as a Cyber Security Risk Analyst
  • Starting salary $113,926 plus generous superannuation and leave loading
  • Kensington, Sydney location, 2-3 days in the office, Hybrid working available

About UNSW:

UNSW isn’t like other places you’ve worked. Yes, we’re a large organisation with a diverse and talented community; a community doing extraordinary things. Together, we are driven to be thoughtful, practical, and purposeful in all we do. Taking this combined approach is what makes our work matter. It’s the reason we’re one of the top 20 universities in the world (QS top 20) and a member of Australia’s prestigious Group of Eight. If you want a career where you can thrive, be challenged and do meaningful work, you’re in the right place.

Reporting to the Cyber Security Risk Manager, the Cyber Security Risk Analyst plays a key role in strengthening the University’s cyber security risk posture within an ambitious and high-performing team. The role is responsible for coordinating, monitoring, and driving the management of cyber security risks across ICT projects, third-party supply chain, and business-as-usual activities. It contributes to the development of meaningful insights through data-driven approaches, automation, and emerging AI capabilities, supporting continual uplift in the maturity and effectiveness of the Cyber Security Risk function. The position requires a self-starter who can operate independently, work through complex tasks with minimal direction, and proactively contribute ideas that enhance risk processes, improve efficiency, and support innovation as the technological and threat landscape evolves. The role also engages with diverse technical and non-technical stakeholders, translating complex concepts into clear and actionable information to enable effective decision-making. In addition, the position supports policy, assurance, awareness, reporting, and governance activities that collectively strengthen cyber security capability across the University.

Specific accountabilities for this role include:

  • Maintain and update the cyber security risk registers, ensuring risks are clearly articulated, prioritised, and supported with appropriate and timely treatment plans.
  • Coordinate, monitor, and drive the treatment of cyber security risks identified through ICT projects and business-as-usual (BAU) activities, ensuring risks are documented, tracked, and treated within agreed timeframes.
  • Proactively identify and assess cyber security risks emerging from BAU operations or ongoing service delivery.
  • Conduct security and risk assessments of third-party vendors and associated supply-chain dependencies, ensuring risks are appropriately identified, recorded, and managed.
  • Proactively follow up on remediation activities with internal stakeholders and vendors to ensure timely treatment of identified risks, and communicate risks clearly to the appropriate stakeholders.
  • Communicate complex cyber security concepts in a clear and relatable manner to diverse stakeholders to support effective risk management and informed decision-making.
  • Identify opportunities to automate repetitive or manual workflows to improve the efficiency, accuracy, and consistency of security risk processes.
  • Leverage data-driven approaches and AI-enabled capabilities to generate better insights, uplift work quality, and enhance decision-making.
  • Maintain a continuous learning mindset and actively upskill in emerging cyber security technologies, tools, automation methods, AI capabilities, and risk assessment techniques.
  • Assist with the development and delivery of cyber security awareness and education initiatives to support a cyber-aware culture across the University.
  • Adhere to all health and safety policies and procedures, ensuring personal actions do not compromise the safety of oneself or others.
  • Actively demonstrate and promote UNSW Values in Action and the UNSW Code of Conduct in all activities.

Who you are:

  • A minimum of 2 years of experience in cyber security governance, compliance, risk management, third-party risk, or security operations within complex environments.
  • A solid understanding of cyber security principles, risk management practices, and security control frameworks.
  • The ability to interpret and clearly translate complex cyber security concepts for both technical and non-technical stakeholders.
  • Strong stakeholder engagement, negotiation, and influencing skills, with the ability to build effective relationships across business and technology teams.
  • Experience with industry frameworks such as ISO/IEC 27001, NIST CSF, COBIT, or equivalent.
  • Relevant security certifications (e.g., CSX, CRISC, CISA, CISSP, ISO/IEC 27001 Lead Implementer/Auditor, AWS, Google, Microsoft) are highly desirable.
  • Demonstrated motivation, resilience, and ability to work autonomously as well as collaboratively in team environments.
  • Understanding of UNSW’s objectives, values, and operating environment.
  • Knowledge of psychosocial and physical health & safety responsibilities and commitment to relevant training.

Benefits and Culture

  • Flexible Working Options (work from home, flexible hours etc) 
  • Career development opportunities
  • 17% Superannuation contributions and additional leave loading payments 
  • Additional 3 days of leave over Christmas period
  • Discounts and entitlements (retail, education, fitness)

For further details on the benefits, please visit https://www.jobs.unsw.edu.au/lifestyle-benefits

How to Apply: Please apply through the portal. We would like you to submit a full application, including a resume and a response addressing the "Who you are" section.

Applications close: Tuesday 3rd of February at 11.30pm

Pre-Employment Checks
Aligned with UNSW’s focus on cultivating a workplace defined by safety, ethical conduct, and strong integrity, preferred candidates will be required to participate in a combination of pre-employment checks relevant to the role they have applied for.

These pre-employment checks may include a combination of some of the following checks:

  • National and International Criminal history checks
  • Entitlement to work and ID checks
  • Working With Children Checks
  • Completion of a Gender-Based Violence Prevention Declaration
  • Verification of relevant qualifications
  • Verification of relevant professional membership
  • Employment history and reference checks
  • Financial responsibility assessments/checks
  • Medical Checks and Assessments

Compliance with the necessary combination of these checks is a condition of employment at UNSW.

Get in Touch:

Jen MacLachlan

j.maclachlan@unsw.edu.au

Talent Acquisition Partner – UNSW IT

Please apply through the application portal and not via the contact above.

UNSW is committed to equity, diversity and inclusion. Applications from women, people of culturally and linguistically diverse backgrounds, those living with disabilities, members of the LGBTIQ+ community, and people of Aboriginal and Torres Strait Islander descent are encouraged. UNSW provides workplace adjustments for people with disability, and access to flexible work options for eligible staff. The University reserves the right not to proceed with any appointment.

 

 
