Cyber Security Analyst

We are currently accepting applications for a Cyber Security Analyst to join our team based in Canberra. The Cyber security Analyst (GRC) supports cyber security assessment and authorisation activities aligned with the Australian Government Information Security Manual (ISM). The role contributes to assurance verification through control assessment, evidence gathering, risk analysis, and structured report development. The position operates under the direction of a task lead and does not carry leadership or decision-making authority. Accuracy, consistency and written clarity are core to the function of this role. The Cyber Security Analyst Will Be Accountable For Mapping organisational security controls to ISM requirementsIdentifying, analysing, and documenting control gaps and weaknessesCollecting, validating, and maintaining evidence supporting control effectivenessSupporting cybersecurity risk assessments, including threat surface analysisPerforming risk analysis activities for systems under assessmentAssisting with gap analysis and remediation trackingDrafting clear, structured, and assessment-ready reportsMaintaining compliance artefactsEnsuring traceability between controls, evidence, findings and risksEngaging professionally with both technical and non-technical stakeholdersExecuting assigned tasks under the supervision of the task lead As a suitably experienced and well- rounded cyber security professional, the Cyber Security Analyst will have: Degree in Cyber security, Information systems, or Information technology with a security focus or demonstrable equivalent workplace experience in cyber security, assurance, audit or complianceOne entry-level or foundational cyber security or GRC certification such as ISACA cyber security fundamentals, COMPTIA Security+, ISO/IEC 27001 foundation or ISC2 CC are also acceptableAn understanding of core cyber security principles (CIA triad, defence-in-depth), basic risk management concepts and control-based security frameworksExposure to cyber security assessments, IT audits, Governance, risk and compliance (GRC) activitiesFamiliarity with control testing and evidence-based assessment methods Effective communication and stakeholder engagement skills. Due to the nature of the role, applicants must be eligible for Australian Defence security clearance. Current security clearance is advantageous. Whilst applications must be made online, confidential enquiries are welcome and may be directed to Roz Byrne, People Partner via email; Applications will close on 27th March 2026 Looking for an Employer with Benefits? At QinetiQ, our competitive remuneration and benefits package supports your evolving needs throughout your career. You'll share in the company's success, and be rewarded for your own. We'll invest in your professional development and provide an inclusive environment for you to succeed. Some Of Our Benefits Include Access to LinkedIn LearningFlexible workPurchased leave program & loyalty leaveAnnual incentive schemeComplimentary salary continuance insuranceAnnual volunteering leave with Operation Give BackRelaxed dress codeUp to 18 weeks paid parental leave As the defence industry in Australia grows, it is an exciting time to join QinetiQ. What the company looks like today will be different to that of tomorrow as we navigate an ever changing world. To innovate for our customers' advantage we value the need for diversity of thought in everything we do. We provide a flexible and inclusive environment where our people can bring their whole selves to work, meaningfully contribute and have equal opportunity to succeed. We actively seek applications from people who come from diverse backgrounds and experiences. Aligned with our Diversity and Inclusion Strategy and Reconciliation Action Plan, we also encourage applications from women, veterans and First Nations people. QinetiQ conducts pre-employment screening, including but not limited to identity verification and police checks, for all preferred candidates. To be added