Cybersecurity GRC Analyst

At ATCO Australia, we are on a mission to transform the global energy landscape and lead the way towards a sustainable future. As a critical player in the dynamic energy market, we offer an exciting and inclusive work environment that fosters innovation, collaboration and personal growth. As a Cyber Governance, Risk and Compliance (GRC) Analyst, you’ll play a pivotal role in protecting ATCO Australia’s digital assets by ensuring our cybersecurity practices align with regulatory requirements, internal policies and industry standards. This role is essential to our strategic objective of maintaining a resilient, secure and compliant technology environment - empowering the business to operate with confidence in an evolving threat landscape.What Success Looks LikeCyber risks are proactively identified, assessed, and mitigated, resulting in a measurable reduction in enterprise-wide exposure.Ongoing alignment with cybersecurity frameworks and regulatory obligations is maintained through effective controls, audits, and reporting mechanisms.Cybersecurity governance structures, policies, and procedures are continuously reviewed and enhanced to support strategic and operational objectives.Strong relationships are established with internal stakeholders, auditors, and regulators, fostering a culture of accountability and security awareness.Incident response capabilities are regularly tested and refined, with GRC processes evolving through automation, metrics, and insights from assessments and audits.Exposure & experienceQualificationsBachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Security, or a related field.4–6 years of relevant experience, with at least 3 years focused on IT security and governance.Strong knowledge of cybersecurity frameworks such as NIST CSF, AESCSF, and ITIL.Experience in incident management, risk assessment, and cross-functional collaboration.BackgroundExperience managing cybersecurity risks in complex commercial or critical infrastructure environments.Strong track record supporting audits and regulatory compliance, enhancing organisational readiness.Skilled in assessing third-party cybersecurity controls and ensuring alignment with enterprise standards.Proficient in conducting risk and maturity assessments across IT and OT environments using recognised frameworks.What we offerAccess to additional purchased leaveA competitive base salary reflective of your skills and experience with an annual incentive bonusNovated Lease and Car BenefitsEmployee Share Purchase PlanAccess to corporate discounts, including health insurance, banking and fitness clubs.Access to ATCO's Employee Assistance ProgramATCO fosters an inclusive workplace culture where everyone is treated fairly and respectfully. We are an Equal Opportunity employer and encourage applications from women and Aboriginal and Torres Strait Islander people. AUD Jandakot 6164

Cybersecurity GRC Analyst

At ATCO Australia, we are on a mission to transform the global energy landscape and lead the way towards a sustainable future. As a critical player in the dynamic energy market, we offer an exciting and inclusive work environment that fosters innovation, collaboration and personal growth. 

As a Cyber Governance, Risk and Compliance (GRC) Analyst, you’ll play a pivotal role in protecting ATCO Australia’s digital assets by ensuring our cybersecurity practices align with regulatory requirements, internal policies and industry standards. This role is essential to our strategic objective of maintaining a resilient, secure and compliant technology environment - empowering the business to operate with confidence in an evolving threat landscape.

What Success Looks Like

  • Cyber risks are proactively identified, assessed, and mitigated, resulting in a measurable reduction in enterprise-wide exposure.
  • Ongoing alignment with cybersecurity frameworks and regulatory obligations is maintained through effective controls, audits, and reporting mechanisms.
  • Cybersecurity governance structures, policies, and procedures are continuously reviewed and enhanced to support strategic and operational objectives.
  • Strong relationships are established with internal stakeholders, auditors, and regulators, fostering a culture of accountability and security awareness.
  • Incident response capabilities are regularly tested and refined, with GRC processes evolving through automation, metrics, and insights from assessments and audits.

Exposure & experience

Qualifications

  • Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Security, or a related field.
  • 4–6 years of relevant experience, with at least 3 years focused on IT security and governance.
  • Strong knowledge of cybersecurity frameworks such as NIST CSF, AESCSF, and ITIL.
  • Experience in incident management, risk assessment, and cross-functional collaboration.

Background

  • Experience managing cybersecurity risks in complex commercial or critical infrastructure environments.
  • Strong track record supporting audits and regulatory compliance, enhancing organisational readiness.
  • Skilled in assessing third-party cybersecurity controls and ensuring alignment with enterprise standards.
  • Proficient in conducting risk and maturity assessments across IT and OT environments using recognised frameworks.

What we offer

  • Access to additional purchased leave
  • A competitive base salary reflective of your skills and experience with an annual incentive bonus
  • Novated Lease and Car Benefits
  • Employee Share Purchase Plan
  • Access to corporate discounts, including health insurance, banking and fitness clubs.
  • Access to ATCO's Employee Assistance Program

ATCO fosters an inclusive workplace culture where everyone is treated fairly and respectfully. We are an Equal Opportunity employer and encourage applications from women and Aboriginal and Torres Strait Islander people.