Cyber Security Governance & Compliance Analyst

Job no: 539258
Work type: Full Time
Location: Sydney, NSW
Categories: Various categories

  • Employment Type: full time continuing role
  • Starting Salary $113926 – 123302 plus generous superannuation and leave loading
  • Location: Kensington campus in NSW (Hybrid Flexible Working) 2-3 days in the office

About UNSW:
UNSW isn’t like other places you’ve worked. Yes, we’re a large organization with a diverse and talented community, a community doing extraordinary things. Together, we are driven to be thoughtful, practical, and purposeful in all we do. Taking this combined approach is what makes our work matter. If you want a career where you can thrive, be challenged and do meaningful work, you’re in the right place.

The Cyber Security Governance & Compliance Analyst supports the development, maintenance, and operational delivery of the organisation’s cyber security governance framework and compliance obligations. The role focuses on keeping Cyber Security Standards current and actionable, managing policy exemption requests, responding to governance-related service tickets, administering and uplifting the team's cyber security governance platform, supporting the organisation with compliance and regulatory activities, and coordinating Cyber Security Governance Communities of Practice. The position contributes to a consistent, risk-based, and auditable control environment and provides clear metrics and reporting to stakeholders across the institution. The position reports to the Manager, Cyber Governance & Compliance and has no direct reports.

Specific accountabilities for this role include:

  • Coordinate cyber policy lifecycle activities, including stakeholder engagement, working group facilitation, drafting and following up on approval requests, and managing the endorsement process.
  • Maintain and update the Cyber Security Policy Framework (CSPF), ensuring alignment with organisational policy and regulatory standards (e.g., ISO/IEC 27001, NIST CSF, ACSC Essential Eight, DISP, SOCI).
  • Manage the full lifecycle of policy exemptions, including stakeholder engagement, risk assessment, documentation, and reporting.
  • Respond to governance-related service tickets, maintain SLAs, and contribute to knowledge base content.
  • Administer and support the MyCyberHub platform, including user management, configuration, integrations, and dashboard/report creation.
  • Support the ISO27001 Information Security Management System (ISMS), including document control, audit coordination, and committee operations.
  • Coordinate Cyber Security Governance Communities of Practice, including agendas, logistics, and communications.
  • Help collect regular governance and compliance metrics for executive reporting.
  • Demonstrate continuous improvement through innovation, AI, and automation to enhance user experience and efficiency.
  • Any other duties commensurate with the role and as directed by the Manager, Cyber Governance & Compliance, or the Cyber Security Leadership team.
  • Align with and actively demonstrate the Code of Conduct and Values.
  • Cooperate with all health and safety policies and procedures of the university and take all reasonable care to ensure that your actions or omissions do not impact on the psychosocial or physical health and safety of yourself or others.

Who you are:

  • A relevant tertiary qualification with subsequent relevant experience or an equivalent level of knowledge gained through any other combination of education, training and/or experience.
  • A minimum of 2–4 years’ experience in cyber security governance, compliance, risk management, or assurance within a large organisation.
  • Working knowledge of (minimum 1 year) security standards and frameworks (ISO/IEC 27001, NIST CSF; familiarity with ACSC Essential Eight desirable).
  • Hands-on experience with GRC (governance, risk management and compliance) or ticketing tools (e.g., ServiceNow, Protecht, Jira/Confluence), including workflow and reporting.
  • Strong policy/standards writing and editing skills; ability to translate complex requirements into clear control statements and guidance.
  • Experience managing exception/exemption processes and preparing risk-based recommendations for decision-makers.
  • Evidence-based reporting and data literacy (metrics design, dashboards, trends, and narrative).
  • Understanding of core IT and cyber security domains such as identity/access management, vulnerability management, cloud security, AI security fundamentals and change/release governance, sufficient to engage control owners.
  • Relevant industry certifications (e.g., ISO/IEC 27001 Lead Implementer/Lead Auditor, CISM, CRISC, Security+, Azure AI Fundamentals, AWS AI Practitioner).
  • Experience working in higher education or other complex, federated environments.
  • Ability to present with credibility and translate technical and complex information concisely for diverse audiences using strong analytical and problem-solving skills.

 Benefits and Culture

  • Flexible Working Options (work from home, flexible hours etc) 
  • Career development opportunities
  • 17% Superannuation contributions and additional leave loading payments 
  • Additional 3 days of leave over Christmas period
  • Discounts and entitlements (retail, education, fitness)

For further details on the benefits, please visit https://www.jobs.unsw.edu.au/lifestyle-benefits

How to Apply: Please apply through the portal. We would like you to submit a full application, including a resume and a response addressing the "Who you are" section.

Applications close:  Monday 27th of April 2026 at 11.30pm

Pre-Employment Checks
Aligned with UNSW’s focus on cultivating a workplace defined by safety, ethical conduct, and strong integrity, preferred candidates will be required to participate in a combination of pre-employment checks relevant to the role they have applied for.

These pre-employment checks may include a combination of some of the following checks:

  • National and International Criminal history checks
  • Entitlement to work and ID checks
  • Working With Children Checks
  • Completion of a Gender-Based Violence Prevention Declaration
  • Verification of relevant qualifications
  • Verification of relevant professional membership
  • Employment history and reference checks
  • Financial responsibility assessments/checks.
  • Medical Checks and Assessments

Compliance with the necessary combination of these checks is a condition of employment at UNSW.

Get in Touch:

Jen MacLachlan

j.maclachlan@unsw.edu.au

Talent Acquisition Partner – UNSW IT

Please apply through the application portal and not via the contact above.

UNSW is committed to equity, diversity and inclusion. Applications from women, people of culturally and linguistically diverse backgrounds, those living with disabilities, members of the LGBTIQ+ community, and people of Aboriginal and Torres Strait Islander descent are encouraged. UNSW provides workplace adjustments for people with disability, and access to flexible work options for eligible staff. The University reserves the right not to proceed with any appointment.

Advertised: AUS Eastern Standard Time
Application close: AUS Eastern Standard Time
