Cyber Security and Risk Analyst

14 Sep 2018 6:34 AM | Sue York (Administrator)

Cyber Security and Risk Analyst
Position No: 2159OPS

Division: Operations & Technology
Location: Brisbane
Work Type: Maximum Term - Full Time
Applications Close: 20/09/2018 11:45 PM

We currently have an exciting, 12-month maximum term full time opportunity for a Cyber Security and Risk Analyst to join QIC’s IT Risk and Security team in Brisbane CBD.

As part of the IT Risk and Security team, working alongside the Chief Information Security Officer, you will act as an expert technical advisor to management on latest techniques and methods to identify, protect, detect, respond and recover against evolving cyber security threats.
This position provides a rare diverse opportunity where, you will be involved in executing reactive and proactive activities across technical and non-technical controls. Identify and expose any vulnerabilities and potential threats within the QIC environment, whilst also ensuring equally appropriate contingency plans or responses exist.

In this role you will be working in a dedicated cyber security team, with QIC’s cloud technology and alongside QIC’s partners’ global security operation centre, using the latest and greatest security tools.
The key accountabilities include but are not limited to:
Compliance - Assist and facilitate an internal assurance program to manage information and technology risks identified within the Information Security standards.
Assurance - Assist and facilitate information and technology external assurance activities, maintain centralised status, co-ordination and delivery or requests on behalf of the Technology team.
Perform third party risk assessments - Develop and maintain appropriate registers, guidance and assessment documents associated with a sound risk management approach.
DR Planning - Assist in the organisation and co-ordination of Technology DR planning, testing and activities. Ensure appropriate technology and business stakeholders are engaged to manage business continuity risks.
Education and Awareness - Assist in the development and delivery of an Information Security awareness program and material targeted at the broader organisation.
Virtual Intelligence – Develop, maintain or support virtual intelligence capability to identify current and emerging cyber security risks.
Emerging Threat Advice – provide advice and insight on significant emerging threats and recommend tactical or strategic change to counteract these threats.
Incident Management - Execute incident management procedures including monitoring and manage all local security breaches and handling of security incidents, root cause analysis and impact, taking appropriate action to prevent recurrence wherever possible.
Support, Assist and Advise – provide support to delivery teams to ensure optimal use and application of security controls and systems. Consultation with key stakeholders to ensure IT Risk and Security policies remains aligned with stakeholder requirements

The ideal candidate
This career defining position will allow you to develop your existing cyber and risk skills in a high performing and collaborative environment, provide career advancement opportunities as well as the opportunity to grow and be mentored by peers.
Bringing a positive attitude as well as a keen interest to learn and grow within the role and team, you will have strong business writing and communication skills, creativity, a keen interest in technology with a ‘can-do’ attitude. Previous experience in areas of threat detection, assessment and mitigation would be highly regarded.

As a strong candidate for this role, you will have the following:
Degree in Information Technology (or similar); or
Recognised qualifications in Information Technology;
Specific training in Cyber Security or equivalent prior experience; and
Excellent report writing capabilities and communication skills.
solid knowledge of cyber security or information security management
sound knowledge of industry practise in cyber security frameworks (e.g. NIST/ CIS, etc)
understanding of incident management and response planning
sound understanding of technology and contemporary use in corporate environments

To apply
To apply, please submit a cover letter and CV via our careers portal. Applications close 11pm, Thursday 20 September 2018.
Applications from Recruitment Agencies will not be considered.
Follow QIC on LinkedIn to receive the latest industry news and job updated at

About QIC
QIC is a global diversified alternative investment firm offering infrastructure, real estate, private equity, liquid strategies and multi-asset investments. It is one of the largest institutional investment managers in Australia, with A$86.1 billion (30 June 2018) in funds under management. QIC has over 1000 employees and serves more than 115 clients including governments, pension plans, sovereign wealth funds and insurers, spanning Australia, Europe, Asia, Middle East and the US. Headquartered in Brisbane, Australia, QIC also has offices in Sydney, Melbourne, New York, Los Angeles, Cleveland, Fort Lauderdale, San Francisco, London and Copenhagen.
At QIC our pursuit is to be an inclusive organisation, one in which every employee has a true voice. We want every employee to have a sense of belonging within QIC and this includes feeling like his or her difference is valued, whatever the difference. We want to build people leader capability to reduce unintended bias and ensure we are leveraging the uniqueness of all our people.

Powered by Wild Apricot Membership Software