Your new company
We are seeking a Lead Cyber Security Analyst to play a critical role in safeguarding highly sensitive government information systems. This is a senior, hands‑on role responsible for leading the end‑to‑end Authorisation to Operate (AtO) lifecycle, working across complex ICT environments that support essential national outcomes. You will join their cyber and assurance function on an up to 12‑month initial contract, with the potential for up to two further 12‑month extensions.
This role is ideal for a cyber professional who enjoys operating at the intersection of risk, governance and delivery, and who can confidently translate technical security requirements into practical, business‑aligned outcomes. This position will be based in Canberra and requires candidates to be Australian citizens who can obtain Negative Vetting Level 1 (NV1) clearance. You’ll be working in a mature, highly regulated ICT environment where strong cyber governance and risk management are essential to business continuity and trust.
Your new role
As a Lead Cyber Security Analyst (EL1 equivalent), you will take ownership of the end‑to‑end Authorisation to Operate (AtO) lifecycle, ensuring information systems remain compliant with government security frameworks and fit for purpose throughout their operational life. You will work closely with Authorising Officers, system owners, delivery leads and technical teams, acting as the trusted security advisor across complex ICT environments involving multiple service providers.
Key responsibilities include:
- Leading system security authorisation activities in line with the Information Security Manual (ISM) and Protective Security Policy Framework (PSPF)
- Developing and maintaining critical security documentation, including security plans, SOPs and control artefacts
- Conducting comprehensive cyber risk assessments across project and operational environments
- Supporting and maintaining systems post‑authorisation through audits, change impact assessments and ongoing assurance activities
- Establishing and supporting processes for security incident reporting and management that protect AtO status
- Supporting compliance against frameworks such as:
  - ACSC ISM
  - Essential Eight
  - ISO/IEC 27001
  - NIST Cyber Security Framework
What you'll need to succeed
- Minimum 3+ years’ professional experience in information security, cyber risk or governance roles
- Proven experience supporting or leading AtO or security accreditation activities
- Strong working knowledge of Australian Government security standards, particularly ISM and PSPF
- Experience conducting risk assessments and clearly articulating risks, controls and residual risk
- Exposure to cloud security environments (desirable)
- The ability to explain technical security concepts in plain language to support informed decision‑making
- Bachelor’s degree in Cyber Security, ICT or a related field
- Certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer or Auditor
What you'll get in return
- A long-term engagement, with an initial contract of up to 12 months and the potential for multiple extensions
- Exposure to enterprise‑scale cyber programs and senior stakeholders
- The opportunity to operate at a strategic EL1‑equivalent level, influencing security and risk decisions
- A collaborative, outcomes‑driven environment where cyber assurance is valued and well‑supported
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion on your career.
LHS 297508